
Fortinet FCP_FCT_AD-7.2 Practice Test - Questions Answers

An administrator must add an authentication server on FortiClient EMS in a different security zone that cannot allow a direct connection.

Which solution can provide secure access between FortiClient EMS and the Active Directory server?

A. Configure and deploy a FortiGate device between FortiClient EMS and the Active Directory server.
B. Configure Active Directory and install FortiClient EMS on the same VM.
C. Configure a slave FortiClient EMS on a virtual machine.
D. Configure an Active Directory connector between FortiClient EMS and the Active Directory server.
Suggested answer: A

Explanation:

Requirement:

The administrator needs to add an authentication server on FortiClient EMS in a different security zone that cannot allow a direct connection.

Solution Analysis:

The goal is to securely connect FortiClient EMS and the Active Directory server despite being in different security zones.

Evaluating Options:

Installing FortiClient EMS on the same VM as Active Directory (option B) is not practical due to security zone separation.

Configuring a slave FortiClient EMS on a virtual machine (option C) does not address the need for secure communication.

Configuring an Active Directory connector (option D) may not be sufficient without secure routing.

Conclusion:

Deploying a FortiGate device between FortiClient EMS and the Active Directory server ensures secure and controlled access between the two zones.

FortiClient EMS and FortiGate configuration and deployment documentation from the study guides.

What does FortiClient do as a fabric agent? (Choose two.)

A. Provides IOC verdicts
B. Creates dynamic policies
C. Provides application inventory
D. Automates Responses
Suggested answer: C, D

Which component or device shares ZTNA tag information through Security Fabric integration?

A. FortiClient EMS
B. FortiGate
C. FortiGate Access Proxy
D. FortiClient
Suggested answer: A

Explanation:

FortiClient EMS is the component that shares ZTNA tag information through Security Fabric integration. ZTNA tags are synchronized from FortiClient EMS as inputs for the FortiGate application gateway. They can be used in ZTNA policies as security posture checks to ensure certain security criteria are met. FortiClient EMS can share ZTNA tags across multiple devices in the Fabric, such as FortiGate, FortiManager, and FortiAnalyzer. FortiClient EMS can also share ZTNA tags across multiple VDOMs on the same FortiGate device. FortiClient EMS can be configured to control the ZTNA tag sharing behavior in the Fabric Devices settings [1].

FortiGate is the device that enforces ZTNA policies using ZTNA tags. FortiGate can receive ZTNA tags from FortiClient EMS via Fabric Connector. FortiGate can also publish ZTNA services through the ZTNA portal, which allows users to access applications without installing FortiClient. FortiGate can also provide ZTNA inline CASB for SaaS application access control [2].

FortiGate Access Proxy is a feature that enables FortiGate to act as a proxy for ZTNA traffic. FortiGate Access Proxy can be deployed in front of the application servers to provide ZTNA protection. FortiGate Access Proxy can also be deployed behind the application servers to provide ZTNA visibility. FortiGate Access Proxy can use ZTNA tags to identify and authenticate users and devices [2].

FortiClient is the endpoint software that connects to ZTNA services. FortiClient can register ZTNA tags with FortiClient EMS based on the endpoint security posture. FortiClient can also use ZTNA tags to access ZTNA services published by FortiGate. FortiClient can also use ZTNA tags to access SaaS applications with ZTNA inline CASB [2].

Technical Tip: Behavior of ZTNA Tags shared across multiple vdoms or multiple FortiGate firewalls in the Security Fabric connected to the same FortiClient EMS Server

Synchronizing FortiClient ZTNA tags

Zero Trust Network Access (ZTNA) to Control Application Access

Refer to the exhibits, which show the Zero Trust Tag Monitor and the FortiClient GUI status.

Remote-Client is tagged as Remote-Users on the FortiClient EMS Zero Trust Tag Monitor.

What must an administrator do to show the tag on the FortiClient GUI?

A. Update tagging rule logic to enable tag visibility
B. Change the FortiClient system settings to enable tag visibility
C. Change the endpoint control setting to enable tag visibility
D. Change the user identity settings to enable tag visibility
Suggested answer: B

Explanation:

Based on the exhibits provided:

The 'Remote-Client' is tagged as 'Remote-Users' in the FortiClient EMS Zero Trust Tag Monitor.

To ensure that the tag 'Remote-Users' is visible in the FortiClient GUI, the system settings within FortiClient need to be updated to enable tag visibility.

The tag visibility feature is controlled by FortiClient system settings which manage how tags are displayed in the GUI.

Therefore, the administrator needs to change the FortiClient system settings to enable tag visibility.

Reference

FortiClient EMS 7.2 Study Guide, Zero Trust Tagging Section

FortiClient Documentation on Tag Management and Visibility Settings

Refer to the exhibit, which shows the output of the ZTNA traffic log on FortiGate.

What can you conclude from the log message?

A. The remote user connection does not match the local-in policy.
B. The remote user connection does not match the ZTNA rule configuration.
C. The remote user connection does not match the ZTNA server configuration.
D. The remote user connection does not match the ZTNA firewall policy.
Suggested answer: B

Explanation:

Observation of ZTNA Traffic Log:

The log message indicates that the remote user connection was denied due to failure to match a proxy policy.

Evaluating Log Message:

The message suggests that the connection does not match the existing ZTNA rule configuration, leading to the denial.

Conclusion:

The correct conclusion from the log message is that the remote user connection does not match the ZTNA rule configuration (B).

ZTNA traffic log analysis and configuration documentation from the study guides.

ZTNA Network Topology

Refer to the exhibits, which show a network topology diagram of ZTNA proxy access and the ZTNA rule configuration.

An administrator runs the diagnose endpoint record list CLI command on FortiGate to check Remote-Client endpoint information; however, Remote-Client is not showing up in the endpoint record list.

What is the cause of this issue?

A. Remote-Client has not initiated a connection to the ZTNA access proxy.
B. Remote-Client provided an empty client certificate to connect to the ZTNA access proxy.
C. Remote-Client provided an invalid certificate to connect to the ZTNA access proxy.
D. Remote-Client failed the client certificate authentication.
Suggested answer: D

Refer to the exhibits, which show the configuration of endpoint policies.

Based on the configuration, what will happen when someone logs in with the user account student on an endpoint in the trainingAD domain?

A. FortiClient EMS will assign the Sales policy
B. FortiClient EMS will assign the Training policy
C. FortiClient EMS will assign the Default policy
D. FortiClient EMS will assign the Training policy for on-fabric endpoints and the Sales policy for the off-fabric endpoint
Suggested answer: B

Explanation:

Based on the configuration shown in the exhibits:

There are three endpoint policies configured: Training, Sales, and Default.

The 'Training' policy is assigned to the 'trainingAD.training.lab' group.

The 'Sales' policy is assigned to 'All Groups' and 'trainingAD.training.lab/student.'

The 'Default' policy has no specific groups assigned.

When someone logs in with the user account 'student' on an endpoint in the 'trainingAD' domain:

The 'Training' policy is specifically assigned to the 'trainingAD.training.lab' group.

The 'Sales' policy includes 'trainingAD.training.lab/student' but not the general 'trainingAD.training.lab' group.

The system will prioritize the most specific match for the group.

Therefore, FortiClient EMS will assign the 'Training' policy to the 'student' account logging into the 'trainingAD' domain as it matches the group 'trainingAD.training.lab' directly.

Reference

FortiClient EMS 7.2 Study Guide, Endpoint Policy Configuration Section

FortiClient EMS Documentation on Group Policy Assignment and Matching

An administrator deploys a FortiClient installation through the Microsoft AD group policy. After installation is complete, all the custom configuration is missing.

What could have caused this problem?

A. The FortiClient exe file is included in the distribution package
B. The FortiClient MST file is missing from the distribution package
C. FortiClient does not have permission to access the distribution package.
D. The FortiClient package is not assigned to the group
Suggested answer: D

Explanation:

When deploying FortiClient via Microsoft AD Group Policy, it is essential to ensure that the deployment package is correctly assigned to the target group. The absence of custom configuration after installation can be due to several reasons, but the most likely cause is:

Deployment Package Assignment: The FortiClient package must be assigned to the appropriate group in Group Policy Management. If this step is missed, the installation may proceed, but the custom configurations will not be applied.

Thus, the administrator must ensure that the FortiClient package is correctly assigned to the group to include all custom configurations.

Reference

FortiClient EMS 7.2 Study Guide, Deployment and Installation Section

Fortinet Documentation on FortiClient Deployment using Microsoft AD Group Policy

Refer to the exhibits.

Based on the FortiGate Security Fabric settings shown in the exhibits, what must an administrator do on the EMS server to successfully quarantine an endpoint when it is detected as a compromised host (IOC)?

A. The administrator must enable remote HTTPS access to EMS.
B. The administrator must enable FQDN on EMS.
C. The administrator must authorize FortiGate on FortiAnalyzer.
D. The administrator must enable SSH access to EMS.
Suggested answer: A

Explanation:

Based on the FortiGate Security Fabric settings shown in the exhibits, to successfully quarantine an endpoint when it is detected as a compromised host (IOC), the following step is required:

Enable Remote HTTPS Access to EMS: This setting allows FortiGate to communicate securely with FortiClient EMS over HTTPS. Remote HTTPS access is essential for the quarantine functionality to operate correctly, enabling the EMS server to receive and act upon the quarantine commands from FortiGate.

Therefore, the administrator must enable remote HTTPS access to EMS to allow the quarantine process to function properly.

Reference

FortiGate Infrastructure 7.2 Study Guide, Security Fabric and Integration with EMS Sections

Fortinet Documentation on Enabling Remote HTTPS Access to FortiClient EMS

Exhibit.

Based on the FortiClient logs shown in the exhibit, which endpoint profile policy is currently applied to the FortiClient endpoint from the EMS server?

A. Fortinet-Training
B. Default configuration policy c
C. Compliance rules default
D. Default
Suggested answer: A

Explanation:

Observation of Logs:

The logs show a policy named 'Fortinet-Training' being applied to the endpoint.

Evaluating Policies:

The log entries indicate that the 'Fortinet-Training' policy was received and applied.

Conclusion:

Based on the logs, the currently applied policy on the FortiClient endpoint is 'Fortinet-Training'.

FortiClient EMS policy configuration and log analysis documentation from the study guides.

Total 55 questions