ExamGecko
Login
Home / Fortinet / NSE6_FWF-6.4 / List of questions
Ask Question

Fortinet NSE6_FWF-6.4 Practice Test - Questions Answers

Add to Whishlist

List of questions

Question 1

Report Export Collapse

Refer to the exhibit.

Fortinet NSE6_FWF-6.4 image Question 1 133281 12222024234406000000

What does the asterisk (*) symbol beside the channel mean?

Indicates channels that can be used only when Radio Resource Provisioning is enabled

Indicates channels that can be used only when Radio Resource Provisioning is enabled

Indicates channels that cannot be used because of regulatory channel restrictions

Indicates channels that cannot be used because of regulatory channel restrictions

Indicates channels that will be scanned by the Wireless Intrusion Detection System (WIDS)

Indicates channels that will be scanned by the Wireless Intrusion Detection System (WIDS)

Indicates channels that are subject to dynamic frequency selection (DFS) regulations

Indicates channels that are subject to dynamic frequency selection (DFS) regulations

Suggested answer: D
Explanation:

This frequencies are also used by other licensed applications, wireless LANs have to use a specific method to gain access to certain higher frequencies and this method is known as DFS.

asked 22/12/2024
Ahmed Khalifa
52 questions

Question 2

Report Export Collapse

What is the first discovery method used by FortiAP to locate the FortiGate wireless controller in the default configuration?

DHCP

DHCP

Static

Static

Broadcast

Broadcast

Multicast

Multicast

Suggested answer: B
Explanation:

According to the web search results, the first discovery method used by FortiAP to locate the FortiGate wireless controller in the default configuration is static. This means that the FortiAP sends discovery requests to a preconfigured IP address that the controller owns. This is useful if the FortiAP and the controller are not in the same subnet and other discovery methods will not work. The other discovery methods are used in sequence if the static method fails or is not configured.

Reference:Advanced WiFi controller discovery | FortiAP / FortiWiFi 7.4.0

asked 22/12/2024
Angel Castillo
37 questions

Question 3

Report Export Collapse

When deploying a wireless network that is authenticated using EAP PEAP, which two configurations are required? (Choose two.)

An X.509 certificate to authenticate the client

An X.509 certificate to authenticate the client

An X.509 to authenticate the authentication server

An X.509 to authenticate the authentication server

A WPA2 or WPA3 personal wireless network

A WPA2 or WPA3 personal wireless network

A WPA2 or WPA3 Enterprise wireless network

A WPA2 or WPA3 Enterprise wireless network

Suggested answer: B, D
asked 22/12/2024
Pedro Faro
38 questions

Question 4

Report Export Collapse

Which statement is correct about security profiles on FortiAP devices?

Security profiles on FortiAP devices can use FortiGate subscription to inspect the traffic

Security profiles on FortiAP devices can use FortiGate subscription to inspect the traffic

Only bridge mode SSIDs can apply the security profiles

Only bridge mode SSIDs can apply the security profiles

Disable DTLS on FortiAP

Disable DTLS on FortiAP

FortiGate performs inspection the wireless traffic

FortiGate performs inspection the wireless traffic

Suggested answer: B
Explanation:

If a bridge mode SSID is configured for a managed FortiAP, you can add a security profile group to the wireless controller, if the FortiAP model supports the security profile. This is supported only in bridge mode.

asked 22/12/2024
Aleksandar Jovasevic
52 questions

Question 5

Report Export Collapse

How are wireless clients assigned to a dynamic VLAN configured for hash mode?

Using the current number of wireless clients connected to the SSID and the number of IPs available in the least busy VLAN

Using the current number of wireless clients connected to the SSID and the number of IPs available in the least busy VLAN

Using the current number of wireless clients connected to the SSID and the number of clients allocated to each of the VLANs

Using the current number of wireless clients connected to the SSID and the number of clients allocated to each of the VLANs

Using the current number of wireless clients connected to the SSID and the number of VLANs available in the pool

Using the current number of wireless clients connected to the SSID and the number of VLANs available in the pool

Using the current number of wireless clients connected to the SSID and the group the FortiAP is a member of

Using the current number of wireless clients connected to the SSID and the group the FortiAP is a member of

Suggested answer: C
Explanation:

VLAN from the VLAN pool based on a hash of the current number of SSID clients and the number of entries in the VLAN pool.

asked 22/12/2024
Roman Roman
38 questions

Question 6

Report Export Collapse

A tunnel mode SSID is configured on a FortiGate wireless controller.

Which task must be completed before the SSID can be used?

The new network must be manually assigned to a FortiAP profile.

The new network must be manually assigned to a FortiAP profile.

The wireless network interface must be assigned a Layer 3 address.

The wireless network interface must be assigned a Layer 3 address.

Security Fabric and HTTPS must be enabled on the wireless network interface.

Security Fabric and HTTPS must be enabled on the wireless network interface.

The wireless network to Internet firewall policy must be configured.

The wireless network to Internet firewall policy must be configured.

Suggested answer: B
Explanation:

The wireless network interface must be assigned a Layer 3 address because it acts as the gateway for the tunnel mode SSID traffic. The FortiGate wireless controller uses this interface to communicate with the FortiAPs and the wireless clients. Without a valid IP address, the tunnel mode SSID cannot function properly.

Reference:Secure Wireless LAN Course Description, page 5; [FortiOS 6.4.0 Handbook - Wireless Controller], page 24.

asked 22/12/2024
Sukhpreet Sidhu
44 questions

Question 7

Report Export Collapse

When using FortiPresence as a captive portal, which two types of public authentication services can be used to access guest Wi-Fi? (Choose two.)

Become a Premium Member for full access
  Unlock Premium Member

Question 8

Report Export Collapse

Six APs are located in a remotely based branch office and are managed by a centrally hosted FortiGate. Multiple wireless users frequently connect and roam between the APs in the remote office.

The network they connect to, is secured with WPA2-PSK. As currently configured, the WAN connection between the branch office and the centrally hosted FortiGate is unreliable.

Which configuration would enable the most reliable wireless connectivity for the remote clients?

Become a Premium Member for full access
  Unlock Premium Member

Question 9

Report Export Collapse

Which of the following is a requirement to generate analytic reports using on-site FortiPresence deployment?

Become a Premium Member for full access
  Unlock Premium Member

Question 10

Report Export Collapse

Which two statements about distributed automatic radio resource provisioning (DARRP) are correct? (Choose two.)

Become a Premium Member for full access
  Unlock Premium Member
Total 35 questions
Go to page: of 4
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which statement is correct about security profiles on FortiAP devices?
A tunnel mode wireless network is configured on a FortiGate wireless controller. Which task must be completed before the wireless network can be used?
As a network administrator, you are responsible for managing an enterprise secure wireless LAN. The controller is based in the United States, and you have been asked to deploy a number of managed APs in a remote office in Germany. What is the correct way to ensure that the RF channels and transmission power limits are appropriately configured for the remote APs?
As standard best practice, which configuration should be performed before configuring FortiAPs using a FortiGate wireless controller?
Refer to the exhibits. Exhibit A Exhibit B Exhibit C A wireless network has been installed in a small office building and is being used by a business to connect its wireless clients. The network is used for multiple purposes, including corporate access, guest access, and connecting point-of-sale and Io devices. Users connecting to the guest network located in the reception area are reporting slow performance. The network administrator is reviewing the information shown in the exhibits as part of the ongoing investigation of the problem. They show the profile used for the AP and the controller RF analysis output together with a screenshot of the GUI showing a summary of the AP and its neighboring APs. To improve performance for the users connecting to the guest network in this area, which configuration change is most likely to improve performance?
When using FortiPresence as a captive portal, which two types of public authentication services can be used to access guest Wi-Fi? (Choose two.)
How are wireless clients assigned to a dynamic VLAN configured for hash mode?
Which statement is correct about security profiles on FortiAP devices?
Refer to the exhibit. If the signal is set to -68 dB on the FortiPlanner site survey reading, which statement is correct regarding the coverage area?
Refer to the exhibits. Exhibit A Exhibit B A wireless network has been created to support a group of users in a specific area of a building. The wireless network is configured but users are unable to connect to it. The exhibits show the relevant controller configuration for the APs and the wireless network. Which two configuration changes will resolve the issue? (Choose two.)