ExamGecko
Search Search Login
Home Home / Fortinet / NSE6_FWF-6.4
Ask QuestionAsk Question

Fortinet NSE6_FWF-6.4 Practice Test - Questions Answers

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which statement is correct about security profiles on FortiAP devices?
A tunnel mode wireless network is configured on a FortiGate wireless controller. Which task must be completed before the wireless network can be used?
As a network administrator, you are responsible for managing an enterprise secure wireless LAN. The controller is based in the United States, and you have been asked to deploy a number of managed APs in a remote office in Germany. What is the correct way to ensure that the RF channels and transmission power limits are appropriately configured for the remote APs?
As standard best practice, which configuration should be performed before configuring FortiAPs using a FortiGate wireless controller?
Refer to the exhibits. Exhibit A Exhibit B Exhibit C A wireless network has been installed in a small office building and is being used by a business to connect its wireless clients. The network is used for multiple purposes, including corporate access, guest access, and connecting point-of-sale and Io devices. Users connecting to the guest network located in the reception area are reporting slow performance. The network administrator is reviewing the information shown in the exhibits as part of the ongoing investigation of the problem. They show the profile used for the AP and the controller RF analysis output together with a screenshot of the GUI showing a summary of the AP and its neighboring APs. To improve performance for the users connecting to the guest network in this area, which configuration change is most likely to improve performance?
When using FortiPresence as a captive portal, which two types of public authentication services can be used to access guest Wi-Fi? (Choose two.)
How are wireless clients assigned to a dynamic VLAN configured for hash mode?
Which statement is correct about security profiles on FortiAP devices?
Refer to the exhibit. If the signal is set to -68 dB on the FortiPlanner site survey reading, which statement is correct regarding the coverage area?
Refer to the exhibits. Exhibit A Exhibit B A wireless network has been created to support a group of users in a specific area of a building. The wireless network is configured but users are unable to connect to it. The exhibits show the relevant controller configuration for the APs and the wireless network. Which two configuration changes will resolve the issue? (Choose two.)

Question 1

Report
Export
Collapse

Refer to the exhibit.

What does the asterisk (*) symbol beside the channel mean?

A.

Indicates channels that can be used only when Radio Resource Provisioning is enabled

A.

Indicates channels that can be used only when Radio Resource Provisioning is enabled
Answers
B.

Indicates channels that cannot be used because of regulatory channel restrictions

B.

Indicates channels that cannot be used because of regulatory channel restrictions
Answers
C.

Indicates channels that will be scanned by the Wireless Intrusion Detection System (WIDS)

C.

Indicates channels that will be scanned by the Wireless Intrusion Detection System (WIDS)
Answers
D.

Indicates channels that are subject to dynamic frequency selection (DFS) regulations

D.

Indicates channels that are subject to dynamic frequency selection (DFS) regulations
Answers
Suggested answer: D

Explanation:

This frequencies are also used by other licensed applications, wireless LANs have to use a specific method to gain access to certain higher frequencies and this method is known as DFS.

asked 22/12/2024
Ahmed Khalifa
47 questions

Question 2

Report
Export
Collapse

What is the first discovery method used by FortiAP to locate the FortiGate wireless controller in the default configuration?

A.

DHCP

A.

DHCP
Answers
B.

Static

B.

Static
Answers
C.

Broadcast

C.

Broadcast
Answers
D.

Multicast

D.

Multicast
Answers
Suggested answer: B

Explanation:

According to the web search results, the first discovery method used by FortiAP to locate the FortiGate wireless controller in the default configuration is static. This means that the FortiAP sends discovery requests to a preconfigured IP address that the controller owns. This is useful if the FortiAP and the controller are not in the same subnet and other discovery methods will not work. The other discovery methods are used in sequence if the static method fails or is not configured.

Reference:Advanced WiFi controller discovery | FortiAP / FortiWiFi 7.4.0

asked 22/12/2024
Angel Castillo
32 questions

Question 3

Report
Export
Collapse

When deploying a wireless network that is authenticated using EAP PEAP, which two configurations are required? (Choose two.)

A.

An X.509 certificate to authenticate the client

A.

An X.509 certificate to authenticate the client
Answers
B.

An X.509 to authenticate the authentication server

B.

An X.509 to authenticate the authentication server
Answers
C.

A WPA2 or WPA3 personal wireless network

C.

A WPA2 or WPA3 personal wireless network
Answers
D.

A WPA2 or WPA3 Enterprise wireless network

D.

A WPA2 or WPA3 Enterprise wireless network
Answers
Suggested answer: B, D
asked 22/12/2024
Pedro Faro
29 questions

Question 4

Report
Export
Collapse

Which statement is correct about security profiles on FortiAP devices?

A.

Security profiles on FortiAP devices can use FortiGate subscription to inspect the traffic

A.

Security profiles on FortiAP devices can use FortiGate subscription to inspect the traffic
Answers
B.

Only bridge mode SSIDs can apply the security profiles

B.

Only bridge mode SSIDs can apply the security profiles
Answers
C.

Disable DTLS on FortiAP

C.

Disable DTLS on FortiAP
Answers
D.

FortiGate performs inspection the wireless traffic

D.

FortiGate performs inspection the wireless traffic
Answers
Suggested answer: B

Explanation:

If a bridge mode SSID is configured for a managed FortiAP, you can add a security profile group to the wireless controller, if the FortiAP model supports the security profile. This is supported only in bridge mode.

asked 22/12/2024
Aleksandar Jovasevic
45 questions

Question 5

Report
Export
Collapse

How are wireless clients assigned to a dynamic VLAN configured for hash mode?

A.

Using the current number of wireless clients connected to the SSID and the number of IPs available in the least busy VLAN

A.

Using the current number of wireless clients connected to the SSID and the number of IPs available in the least busy VLAN
Answers
B.

Using the current number of wireless clients connected to the SSID and the number of clients allocated to each of the VLANs

B.

Using the current number of wireless clients connected to the SSID and the number of clients allocated to each of the VLANs
Answers
C.

Using the current number of wireless clients connected to the SSID and the number of VLANs available in the pool

C.

Using the current number of wireless clients connected to the SSID and the number of VLANs available in the pool
Answers
D.

Using the current number of wireless clients connected to the SSID and the group the FortiAP is a member of

D.

Using the current number of wireless clients connected to the SSID and the group the FortiAP is a member of
Answers
Suggested answer: C

Explanation:

VLAN from the VLAN pool based on a hash of the current number of SSID clients and the number of entries in the VLAN pool.

asked 22/12/2024
Roman Roman
35 questions

Question 6

Report
Export
Collapse

A tunnel mode SSID is configured on a FortiGate wireless controller.

Which task must be completed before the SSID can be used?

A.

The new network must be manually assigned to a FortiAP profile.

A.

The new network must be manually assigned to a FortiAP profile.
Answers
B.

The wireless network interface must be assigned a Layer 3 address.

B.

The wireless network interface must be assigned a Layer 3 address.
Answers
C.

Security Fabric and HTTPS must be enabled on the wireless network interface.

C.

Security Fabric and HTTPS must be enabled on the wireless network interface.
Answers
D.

The wireless network to Internet firewall policy must be configured.

D.

The wireless network to Internet firewall policy must be configured.
Answers
Suggested answer: B

Explanation:

The wireless network interface must be assigned a Layer 3 address because it acts as the gateway for the tunnel mode SSID traffic. The FortiGate wireless controller uses this interface to communicate with the FortiAPs and the wireless clients. Without a valid IP address, the tunnel mode SSID cannot function properly.

Reference:Secure Wireless LAN Course Description, page 5; [FortiOS 6.4.0 Handbook - Wireless Controller], page 24.

asked 22/12/2024
Sukhpreet Sidhu
40 questions

Question 7

Report
Export
Collapse

When using FortiPresence as a captive portal, which two types of public authentication services can be used to access guest Wi-Fi? (Choose two.)

A.

Social networks authentication

A.

Social networks authentication
Answers
B.

Software security token authentication

B.

Software security token authentication
Answers
C.

Short message service authentication

C.

Short message service authentication
Answers
D.

Hardware security token authentication

D.

Hardware security token authentication
Answers
Suggested answer: A, C

Explanation:

According to the web search results, FortiPresence supports social networks authentication and short message service authentication as public authentication services for guest Wi-Fi access. Social networks authentication allows visitors to log in using their existing social media accounts, such as Facebook, Twitter, LinkedIn, Google, and Instagram. Short message service authentication allows visitors to receive a one-time password via SMS to their mobile phone number. These authentication methods are convenient and secure for visitors and provide valuable data for businesses. Software security token authentication and hardware security token authentication are not supported by FortiPresence as public authentication services for guest Wi-Fi access.

Reference:Configuring Captive Portal | FortiPresence 1.2.0,Configuring Captive Portal | FortiPresence 22.4.0

asked 22/12/2024
Wilco Gent
32 questions

Question 8

Report
Export
Collapse

Six APs are located in a remotely based branch office and are managed by a centrally hosted FortiGate. Multiple wireless users frequently connect and roam between the APs in the remote office.

The network they connect to, is secured with WPA2-PSK. As currently configured, the WAN connection between the branch office and the centrally hosted FortiGate is unreliable.

Which configuration would enable the most reliable wireless connectivity for the remote clients?

A.

Configure a tunnel mode wireless network and enable split tunneling to the local network

A.

Configure a tunnel mode wireless network and enable split tunneling to the local network
Answers
B.

Configure a bridge mode wireless network and enable the Local standalone configuration option

B.

Configure a bridge mode wireless network and enable the Local standalone configuration option
Answers
C.

Configure a bridge mode wireless network and enable the Local authentication configuration option

C.

Configure a bridge mode wireless network and enable the Local authentication configuration option
Answers
D.

Install supported FortiAP and configure a bridge mode wireless network

D.

Install supported FortiAP and configure a bridge mode wireless network
Answers
Suggested answer: B

Explanation:

Look for ''Continued FortiAP operation when WiFi controller connection is down'' im the link here: https://docs.fortinet.com/document/fortiap/7.0.4/fortiwifi-and-fortiap-configuration-guide/442078/how-to-configure-a-fortiap-local-bridge-private-cloud-managed-ap

asked 22/12/2024
Suraj Porwal
36 questions

Question 9

Report
Export
Collapse

Which of the following is a requirement to generate analytic reports using on-site FortiPresence deployment?

A.

SQL services must be running

A.

SQL services must be running
Answers
B.

Two wireless APs must be sending data

B.

Two wireless APs must be sending data
Answers
C.

DTLS encryption on wireless traffic must be turned off

C.

DTLS encryption on wireless traffic must be turned off
Answers
D.

Wireless network security must be set to open

D.

Wireless network security must be set to open
Answers
Suggested answer: A

Explanation:

https://docs.fortinet.com/document/fortipresence-vm/1.2.0/administration-guide/546812/introduction

asked 22/12/2024
Donna Brown
38 questions

Question 10

Report
Export
Collapse

Which two statements about distributed automatic radio resource provisioning (DARRP) are correct? (Choose two.)

A.

DARRP performs continuous spectrum analysis to detect sources of interference. It uses this information to allow the AP to select the optimum channel.

A.

DARRP performs continuous spectrum analysis to detect sources of interference. It uses this information to allow the AP to select the optimum channel.
Answers
B.

DARRP performs measurements of the number of BSSIDs and their signal strength (RSSI). The controller then uses this information to select the optimum channel for the AP.

B.

DARRP performs measurements of the number of BSSIDs and their signal strength (RSSI). The controller then uses this information to select the optimum channel for the AP.
Answers
C.

DARRP measurements can be scheduled to occur at specific times.

C.

DARRP measurements can be scheduled to occur at specific times.
Answers
D.

DARRP requires that wireless intrusion detection (WIDS) be enabled to detect neighboring devices.

D.

DARRP requires that wireless intrusion detection (WIDS) be enabled to detect neighboring devices.
Answers
Suggested answer: B, C

Explanation:

According to Fortinet training: 'When using DARRP, the AP selects the best channel available to use based on the scan results of BSSID/receive signal strength (RSSI) to AC' and 'To set the running time for DARRP optimization, use the following CLI command within the wireless controller setting: set darrp-optimize {integer}. Note that DARRP doesn't do continuous spectrum analysis...'

asked 22/12/2024
Adrien Gallais
38 questions
Total 35 questions
Go to page: of 4
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy policy
Terms
Disclaimer
Refund policy
Copyright
Twitter X
Facebook
Medium