ExamGecko
Search Search Login
Home Home / Fortinet / NSE6_FNC-7.2

Fortinet NSE6_FNC-7.2 Practice Test - Questions Answers

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

What causes a host's state to change to 'at risk'?
What would occur if both an unknown (rogue) device and a known (trusted) device simultaneously appeared on a port that is a member of the Forced Registration port group?
Where do you look to determine when and why the FortiNAC made an automated network access change?
Which two of the following are required for endpoint compliance monitors? (Choose two.)
With enforcement for network access policies and at-risk hosts enabled, what will happen if a host matches a network access policy and has a state of 'at risk'?
When you create a user or host profile; which three criteria can you use? (Choose three.)
Which command line shell and scripting language does FortiNAC use for WinRM?
Which three of the following are components of a security rule? (Choose three.)
View the command and output. What is the state of database replication?
Refer to the exhibit. If you are forcing the registration of unknown (rogue) hosts, and an unknown (rogue) host connects to a port on the switch, what occurs?

Question 1

Report
Export
Collapse

With enforcement for network access policies and at-risk hosts enabled, what will happen if a host matches a network access policy and has a state of 'at risk'?

A.
The host is provisioned based on the default access defined by the point of connection.
A.
The host is provisioned based on the default access defined by the point of connection.
Answers
B.
The host is provisioned based on the network access policy.
B.
The host is provisioned based on the network access policy.
Answers
C.
The host is isolated.
C.
The host is isolated.
Answers
D.
The host is administratively disabled.
D.
The host is administratively disabled.
Answers
Suggested answer: C

Explanation:

https://training.fortinet.com/pluginfile.php/1912463/mod_resource/content/26/FortiNAC_7.2_Study_Guide-Online.pdf C. Page 327 - moved to the quarantine isolation network

Question 2

Report
Export
Collapse

View the command and output.

What is the state of database replication?

A.
Secondary to primary synchronization failed.
A.
Secondary to primary synchronization failed.
Answers
B.
Primary to secondary synchronization failed.
B.
Primary to secondary synchronization failed.
Answers
C.
Secondary to primary synchronization was successful.
C.
Secondary to primary synchronization was successful.
Answers
D.
Primary to secondary database synchronization was successful.
D.
Primary to secondary database synchronization was successful.
Answers
Suggested answer: D

Question 3

Report
Export
Collapse

Refer to the exhibit.

What would happen if the highlighted port with connected hosts was placed in both the Forced Registration and Forced Remediation port groups?

A.
Multiple enforcement groups could not contain the same port.
A.
Multiple enforcement groups could not contain the same port.
Answers
B.
Only the higher ranked enforcement group would be applied.
B.
Only the higher ranked enforcement group would be applied.
Answers
C.
Both types of enforcement would be applied.
C.
Both types of enforcement would be applied.
Answers
D.
Enforcement would be applied only to rogue hosts.
D.
Enforcement would be applied only to rogue hosts.
Answers
Suggested answer: C

Question 4

Report
Export
Collapse

Which connecting endpoints are evaluated against all enabled device profiling rules?

A.
All hosts, each time they connect
A.
All hosts, each time they connect
Answers
B.
Rogues devices, only when they connect for the first time
B.
Rogues devices, only when they connect for the first time
Answers
C.
Known trusted devices each time they change location
C.
Known trusted devices each time they change location
Answers
D.
Rogues devices, each time they connect
D.
Rogues devices, each time they connect
Answers
Suggested answer: D

Explanation:

FortiNAC process to classify rogue devices and create an organized inventory of known trusted registered devices.

Question 5

Report
Export
Collapse

Which agent is used only as part of a login script?

A.
Mobile
A.
Mobile
Answers
B.
Passive
B.
Passive
Answers
C.
Persistent
C.
Persistent
Answers
D.
Dissolvable
D.
Dissolvable
Answers
Suggested answer: B

Explanation:

If the logon script runs the logon application in persistent mode, configure your Active Directory server not to run scripts synchronously.

Question 6

Report
Export
Collapse

An administrator is configuring FortiNAC to manage FortiGate VPN users. As part of the configuration, the administrator must configure a few FortiGate firewall policies.

What is the purpose of the FortiGate firewall policy that applies to unauthorized VPN clients?

A.
To deny access to only the production DNS server
A.
To deny access to only the production DNS server
Answers
B.
To allow access to only the FortiNAC VPN interface
B.
To allow access to only the FortiNAC VPN interface
Answers
C.
To allow access to only the production DNS server
C.
To allow access to only the production DNS server
Answers
D.
To deny access to only the FortiNAC VPN interface
D.
To deny access to only the FortiNAC VPN interface
Answers
Suggested answer: B

Question 7

Report
Export
Collapse

Which two policy types can be created on a FortiNAC Control Manager? (Choose two.)

A.
Authentication
A.
Authentication
Answers
B.
Network Access
B.
Network Access
Answers
C.
Endpoint Compliance
C.
Endpoint Compliance
Answers
D.
Supplicant EasvConnect
D.
Supplicant EasvConnect
Answers
Suggested answer: B, C

Question 8

Report
Export
Collapse

Which system group will force at-risk hosts into the quarantine network, based on point of connection?

A.
Physical Address Filtering
A.
Physical Address Filtering
Answers
B.
Forced Quarantine
B.
Forced Quarantine
Answers
C.
Forced Isolation
C.
Forced Isolation
Answers
D.
Forced Remediation
D.
Forced Remediation
Answers
Suggested answer: B

Explanation:

Forced Quarantine, study guide 7.2 pag 245 and 248

Question 9

Report
Export
Collapse

How are logical networks assigned to endpoints?

A.
Through device profiling rules
A.
Through device profiling rules
Answers
B.
Through network access policies
B.
Through network access policies
Answers
C.
Through Layer 3 polling configurations
C.
Through Layer 3 polling configurations
Answers
D.
Through FortiGate IPv4 policies
D.
Through FortiGate IPv4 policies
Answers
Suggested answer: B

Question 10

Report
Export
Collapse

By default, if after a successful Layer 2 poll, more than 20 endpoints are seen connected on a single switch port simultaneously, what happens to the port?

A.
The port becomes a threshold uplink
A.
The port becomes a threshold uplink
Answers
B.
The port is disabled
B.
The port is disabled
Answers
C.
The port is added to the Forced Registration group
C.
The port is added to the Forced Registration group
Answers
D.
The port is switched into the Dead-End VLAN
D.
The port is switched into the Dead-End VLAN
Answers
Suggested answer: A
Total 47 questions
Go to page: of 5
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms