ExamGecko
Search Search Login
Home Home / Fortinet / NSE6_FNC-7.2

Fortinet NSE6_FNC-7.2 Practice Test - Questions Answers, Page 2

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

What causes a host's state to change to 'at risk'?
What would occur if both an unknown (rogue) device and a known (trusted) device simultaneously appeared on a port that is a member of the Forced Registration port group?
Where do you look to determine when and why the FortiNAC made an automated network access change?
Which two of the following are required for endpoint compliance monitors? (Choose two.)
With enforcement for network access policies and at-risk hosts enabled, what will happen if a host matches a network access policy and has a state of 'at risk'?
When you create a user or host profile; which three criteria can you use? (Choose three.)
Which command line shell and scripting language does FortiNAC use for WinRM?
Which three of the following are components of a security rule? (Choose three.)
View the command and output. What is the state of database replication?
Refer to the exhibit. If you are forcing the registration of unknown (rogue) hosts, and an unknown (rogue) host connects to a port on the switch, what occurs?

Question 11

Report
Export
Collapse

An administrator wants the Host At Risk event to generate an alarm. What is used to achieve this result?

A.
A security trigger activity
A.
A security trigger activity
Answers
B.
A security filter
B.
A security filter
Answers
C.
An event to alarm mapping
C.
An event to alarm mapping
Answers
D.
An event to action mapping
D.
An event to action mapping
Answers
Suggested answer: C

Question 12

Report
Export
Collapse

Which three communication methods are used by FortiNAC to gather information from and control, infrastructure devices? (Choose three.)

A.
CLI
A.
CLI
Answers
B.
SMTP
B.
SMTP
Answers
C.
SNMP
C.
SNMP
Answers
D.
FTP
D.
FTP
Answers
E.
RADIUS
E.
RADIUS
Answers
Suggested answer: A, C, E

Explanation:

FortiNAC Study Guide 7.2 | Page 11

Question 13

Report
Export
Collapse

Which three are components of a security rule? (Choose three.)

A.
Methods
A.
Methods
Answers
B.
Security String
B.
Security String
Answers
C.
Trigger
C.
Trigger
Answers
D.
User or host profile
D.
User or host profile
Answers
E.
Action
E.
Action
Answers
Suggested answer: C, D, E

Question 14

Report
Export
Collapse

Refer to the exhibit.

If a host is connected to a port in the Building 1 First Floor Ports group, what must also be true to match this user/host profile?

A.
The host must have a role value of contractor, an installed persistent agent or a security access value of contractor, and be connected between 6 AM and 5 PM.
A.
The host must have a role value of contractor, an installed persistent agent or a security access value of contractor, and be connected between 6 AM and 5 PM.
Answers
B.
The host must have a role value of contractor or an installed persistent agent, a security access value of contractor, and be connected between 9 AM and 5 PM.
B.
The host must have a role value of contractor or an installed persistent agent, a security access value of contractor, and be connected between 9 AM and 5 PM.
Answers
C.
The host must have a role value of contractor or an installed persistent agent and a security access value of contractor, and be connected between 6 AM and 5 PM.
C.
The host must have a role value of contractor or an installed persistent agent and a security access value of contractor, and be connected between 6 AM and 5 PM.
Answers
D.
The host must have a role value of contractor or an installed persistent agent or a security access value of contractor, and be connected between 6 AM and 5 PM.
D.
The host must have a role value of contractor or an installed persistent agent or a security access value of contractor, and be connected between 6 AM and 5 PM.
Answers
Suggested answer: D

Question 15

Report
Export
Collapse

Refer to the exhibit.

Considering the host status of the two hosts connected to the same wired port, what will happen if the port is a member of the Forced Registration port group?

A.
The port will be provisioned for the normal state host, and both hosts will have access to that VLAN.
A.
The port will be provisioned for the normal state host, and both hosts will have access to that VLAN.
Answers
B.
The port will not be managed, and an event will be generated.
B.
The port will not be managed, and an event will be generated.
Answers
C.
The port will be provisioned to the registration network, and both hosts will be isolated.
C.
The port will be provisioned to the registration network, and both hosts will be isolated.
Answers
D.
The port will be administratively shut down.
D.
The port will be administratively shut down.
Answers
Suggested answer: C

Question 16

Report
Export
Collapse

During the on-boarding process through the captive portal, what are two reasons why a host that successfully registered would remain stuck in the Registration VLAN? (Choose two.)

A.
The wrong agent is installed.
A.
The wrong agent is installed.
Answers
B.
The port default VLAN is the same as the Registration VLAN.
B.
The port default VLAN is the same as the Registration VLAN.
Answers
C.
Bridging is enabled on the host.
C.
Bridging is enabled on the host.
Answers
D.
There is another unregistered host on the same port.
D.
There is another unregistered host on the same port.
Answers
Suggested answer: B, D

Question 17

Report
Export
Collapse

When FortiNAC is managing FortiGate VPN users, why is an endpoint compliance policy necessary?

A.
To confirm installed security software
A.
To confirm installed security software
Answers
B.
To validate the VPN user credentials
B.
To validate the VPN user credentials
Answers
C.
To designate the required agent type
C.
To designate the required agent type
Answers
D.
To validate the VPN client being used
D.
To validate the VPN client being used
Answers
Suggested answer: A

Question 18

Report
Export
Collapse

In a wireless integration, what method does FortiNAC use to obtain connecting MAC address information?

A.
SNMP traps
A.
SNMP traps
Answers
B.
RADIUS
B.
RADIUS
Answers
C.
Endstation traffic monitoring
C.
Endstation traffic monitoring
Answers
D.
Link traps
D.
Link traps
Answers
Suggested answer: B

Question 19

Report
Export
Collapse

Which two agents can validate endpoint compliance transparently to the end user? (Choose two.)

A.
Dissolvable
A.
Dissolvable
Answers
B.
Mobile
B.
Mobile
Answers
C.
Passive
C.
Passive
Answers
D.
Persistent
D.
Persistent
Answers
Suggested answer: B, D

Question 20

Report
Export
Collapse

Which two things must be done to allow FortiNAC to process incoming syslog messages from an unknown vendor? (Choose two.)

A.
A security event parser must be created for the device.
A.
A security event parser must be created for the device.
Answers
B.
The device sending the messages must be modeled in the Network Inventory view.
B.
The device sending the messages must be modeled in the Network Inventory view.
Answers
C.
The device must be added as a patch management server.
C.
The device must be added as a patch management server.
Answers
D.
The device must be added as a log receiver.
D.
The device must be added as a log receiver.
Answers
Suggested answer: A, D
Total 47 questions
Go to page: of 5
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms