
Fortinet FCP_FCT_AD-7.2 Practice Test - Questions Answers, Page 4


Which three types of antivirus scans are available on FortiClient? (Choose three.)

A. Proxy scan
B. Full scan
C. Custom scan
D. Flow scan
E. Quick scan
Suggested answer: B, C, E

Explanation:

FortiClient offers several types of antivirus scans to ensure comprehensive protection:

Full scan: Scans the entire system for malware, including all files and directories.

Custom scan: Allows the user to specify particular files, directories, or drives to be scanned.

Quick scan: Scans the most commonly infected areas of the system, providing a faster scanning option.

These three types of scans provide flexibility and thoroughness in detecting and managing malware threats.

Reference

FortiClient EMS 7.2 Study Guide, Antivirus Scanning Options Section

Fortinet Documentation on Types of Antivirus Scans in FortiClient

Which component or device shares device status information through ZTNA telemetry?

A. FortiClient
B. FortiGate
C. FortiGate Access Proxy
D. FortiClient EMS
Suggested answer: A

Explanation:

FortiClient communicates directly with FortiClient EMS to continuously share device status information through ZTNA telemetry.

Refer to the exhibit, which shows the endpoint summary information on FortiClient EMS.

What two conclusions can you make based on the Remote-Client status shown above? (Choose two.)

A. The endpoint is classified as at risk.
B. The endpoint has been assigned the Default endpoint policy.
C. The endpoint is configured to support FortiSandbox.
D. The endpoint is currently off-net.
Suggested answer: B, D

Explanation:

Based on the Remote-Client status shown in the exhibit:

Endpoint Policy: The 'Policy' field shows 'Default,' indicating that the endpoint has been assigned the Default endpoint policy.

Connection Status: The 'Location' field shows 'Off-Fabric,' meaning that the endpoint is currently off the corporate network (off-net).

Therefore, the two conclusions that can be made are:

The endpoint has been assigned the Default endpoint policy.

The endpoint is currently off-net.

Reference

FortiClient EMS 7.2 Study Guide, Endpoint Summary Information Section

Fortinet Documentation on Endpoint Policies and Status Indicators

A new Chromebook is connected to a school's network.

Which component can the EMS administrator use to manage the FortiClient web filter extension installed on the Google Chromebook endpoint?

A. FortiClient EMS
B. FortiClient site categories
C. FortiClient customer URL list
D. FortiClient web filter extension
Suggested answer: D

Explanation:

 

Which statement about FortiClient comprehensive endpoint protection is true?

A. It helps to safeguard systems from email spam.
B. It helps to safeguard systems from data loss.
C. It helps to safeguard systems from DDoS.
D. It helps to safeguard systems from advanced security threats, such as malware.
Suggested answer: D

Explanation:

FortiClient provides comprehensive endpoint protection for your Windows-based, Mac-based, and Linux-based desktops, laptops, file servers, and mobile devices such as iOS and Android. It helps you to safeguard your systems with advanced security technologies, all of which you can manage from a single management console.

Refer to the exhibit.

Based on the Security Fabric automation settings, what action will be taken on compromised endpoints?

A. Endpoints will be quarantined through EMS
B. Endpoints will be banned on FortiGate
C. An email notification will be sent for compromised endpoints
D. Endpoints will be quarantined through FortiSwitch
Suggested answer: A

Explanation:

Based on the Security Fabric automation settings shown in the exhibit:

The automation stitch is configured with a trigger for a 'Compromised Host.'

The action specified for this trigger is 'Quarantine FortiClient via EMS.'

This indicates that when an endpoint is detected as compromised, FortiClient EMS will quarantine the endpoint as part of the automation process.

Therefore, the action taken on compromised endpoints will be to quarantine them through EMS.

Reference

FortiGate Security 7.2 Study Guide, Automation Stitches and Actions Section

Fortinet Documentation on Configuring Automation Stitches and Quarantine Actions

Which two VPN types can a FortiClient endpoint user initiate from the Windows command prompt? (Choose two.)

A. L2TP
B. PPTP
C. IPSec
D. SSL VPN
Suggested answer: C, D

Explanation:

FortiClient supports initiating the following VPN types from the Windows command prompt:

IPSec VPN: FortiClient can establish IPSec VPN connections using command line instructions.

SSL VPN: FortiClient also supports initiating SSL VPN connections from the Windows command prompt.

These two VPN types can be configured and initiated using specific command line parameters provided by FortiClient.

Reference

FortiClient EMS 7.2 Study Guide, VPN Configuration Section

Fortinet Documentation on Command Line Options for FortiClient VPN

Refer to the exhibit, which shows the Zero Trust Tagging Rule Set configuration.

Which two statements about the rule set are true? (Choose two.)

A. The endpoint must satisfy that only Windows 10 is running.
B. The endpoint must satisfy that only AV software is installed and running.
C. The endpoint must satisfy that antivirus is installed and running and Windows 10 is running.
D. The endpoint must satisfy that only Windows Server 2012 R2 is running.
Suggested answer: C, D

Explanation:

Based on the Zero Trust Tagging Rule Set configuration shown in the exhibit:

The rule set includes two conditions:

AV Software is installed and running

OS Version is Windows Server 2012 R2 or Windows 10

The Rule Logic is specified as '(1 and 3) or 2,' meaning:

The endpoint must have antivirus software installed and running and must be running Windows 10.

Alternatively, the endpoint must be running Windows Server 2012 R2.

Therefore, the endpoint must satisfy either:

Antivirus is installed and running and Windows 10 is running.

Windows Server 2012 R2 is running.

Reference

FortiClient EMS 7.2 Study Guide, Zero Trust Tagging Rule Set Configuration Section

Fortinet Documentation on Configuring Zero Trust Tagging Rules and Logic


Refer to the exhibit.

Based on the settings shown in the exhibit, which statement about FortiClient behaviour is true?

A. FortiClient scans infected files when the user copies files to the Resources folder.
B. FortiClient quarantines infected files and reviews later, after scanning them.
C. FortiClient copies infected files to the Resources folder without scanning them.
D. FortiClient blocks and deletes infected files after scanning them.
Suggested answer: A

Explanation:

Based on the settings shown in the exhibit, FortiClient is configured to scan files as they are downloaded or copied to the system. This means that if a user copies files to the 'Resources' folder, which is not listed under exclusions, FortiClient will scan these files for infections. The exclusion path mentioned in the settings, 'C:\Users\Administrator\Desktop\Resources', indicates that any files copied to this specific folder will not be scanned, but since the question implies that the 'Resources' folder is not the same as the excluded path, FortiClient will indeed scan the files for infections.

What action does FortiClient anti-exploit detection take when it detects exploits?

A. Deletes the compromised application process
B. Patches the compromised application process
C. Blocks memory allocation to the compromised application process
D. Terminates the compromised application process
Suggested answer: B

Explanation:

 

Total 55 questions