Fortinet NSE6_FNC-7.2 Practice Test - Questions Answers, Page 2
Question 11

How are logical networks assigned to endpoints?
Through device profiling rules
Through network access policies
Through Layer 3 polling configurations
Through FortiGate IPv4 policies
Logical networks are assigned to endpoints through device profiling rules in FortiNAC. These networks appear in device Model Configuration views and are used for endpoint isolation based on the endpoint's state or status.
Question 12

By default, if after a successful Layer 2 poll, more than 20 endpoints are seen connected on a single switch port simultaneously, what happens to the port?
The port becomes a threshold uplink
The port is disabled
The port is added to the Forced Registration group
The port is switched into the Dead-End VLAN
If more than 20 endpoints are seen connected on a single switch port simultaneously after a successful Layer 2 poll, the port is designated as an uplink. FortiNAC will ignore all physical addresses learned on an uplink port and will not perform any control operations on it.
Question 13

An administrator wants the Host At Risk event to generate an alarm. What is used to achieve this result?
A security trigger activity
A security filter
An event to alarm mapping
An event to action mapping
To generate an alarm from a Host At Risk event, an administrative user must create an Event to Alarm Mapping for the Vulnerability Scan Failed event. Within this alarm mapping, a host security action must be designated to mark the host at risk.
Question 14

Which three communication methods are used by FortiNAC to gather information from, and control, infrastructure devices? (Choose three.)
CLI
SMTP
SNMP
FTP
RADIUS
FortiNAC Study Guide 7.2 | Page 11
FortiNAC uses various methods to communicate with infrastructure devices, such as SNMP for discovery and ongoing management, SSH or Telnet through the CLI for tasks related to the infrastructure, and RADIUS for handling specific types of requests.
Question 15

An administrator is configuring FortiNAC to manage FortiGate VPN users. As part of the configuration, the administrator must configure a few FortiGate firewall policies.
What is the purpose of the FortiGate firewall policy that applies to unauthorized VPN clients?
To deny access to only the production DNS server
To allow access to only the FortiNAC VPN interface
To allow access to only the production DNS server
To deny access to only the FortiNAC VPN interface
Question 16

Which two policy types can be created on a FortiNAC Control Manager? (Choose two.)
Authentication
Network Access
Endpoint Compliance
Supplicant EasyConnect
Network Access policies are a common type of policy in FortiNAC, used to dynamically provision access to connecting endpoints. Authentication is typically a policy type in network access control systems like FortiNAC.
Question 17

During the on-boarding process through the captive portal, what are two reasons why a host that successfully registered would remain stuck in the Registration VLAN? (Choose two.)
The wrong agent is installed.
The port default VLAN is the same as the Registration VLAN.
Bridging is enabled on the host.
There is another unregistered host on the same port.
Question 18

When FortiNAC is managing FortiGate VPN users, why is an endpoint compliance policy necessary?
To confirm installed security software
To validate the VPN user credentials
To designate the required agent type
To validate the VPN client being used
Question 19

In a wireless integration, what method does FortiNAC use to obtain connecting MAC address information?
SNMP traps
RADIUS
Endstation traffic monitoring
Link traps
In a wireless integration, FortiNAC uses RADIUS to obtain connecting MAC address information. This includes RADIUS requests to FortiNAC and subsequent RADIUS responses from FortiNAC to the requesting device.
Question 20

Which two agents can validate endpoint compliance transparently to the end user? (Choose two.)
Dissolvable
Mobile
Passive
Persistent
Both dissolvable and persistent agents can be used to validate endpoint compliance transparently to the end user. The persistent agent stays resident on the endpoint and performs scheduled scans in the background. The dissolvable agent is a run-once agent that dissolves after reporting its results, leaving no footprint on the endpoint.