ExamGecko
Login
Home / Fortinet / NSE7_LED-7.0 / List of questions
Ask Question

Fortinet NSE7_LED-7.0 Practice Test - Questions Answers, Page 2

Add to Whishlist

List of questions

Question 11

Report Export Collapse

Refer to the exhibit.

Fortinet NSE7_LED-7.0 image Question 11 27013 09182024190743000000

Wireless guest users are unable to authenticate because they are getting a certificate error while loading the captive portal login page. This URL string is the HTTPS POST URL guest wireless users see when attempting to access the network using the web browser

Fortinet NSE7_LED-7.0 image Question 11 27013 09182024190743000000

Which two settings are the likely causes of the issue? (Choose two.)

The external server FQDN is incorrect
The external server FQDN is incorrect
The wireless user's browser is missing a CA certificate
The wireless user's browser is missing a CA certificate
The FortiGate authentication interface address is using HTTPS
The FortiGate authentication interface address is using HTTPS
The user address is not in DDNS form
The user address is not in DDNS form
Suggested answer: A, B
Explanation:

According to the exhibit, the wireless guest users are getting a certificate error while loading the captive portal login page. This means that the browser cannot verify the identity of the server that is hosting the login page. Therefore, option A is true because the external server FQDN is incorrect, which means that it does not match the common name or subject alternative name of the server certificate. Option B is also true because the wireless user's browser is missing a CA certificate, which means that it does not have the root or intermediate certificate that issued the server certificate. Option C is false because the FortiGate authentication interface address is using HTTPS, which is a secure protocol that encrypts the communication between the browser and the server. Option D is false because the user address is not in DDNS form, which is not related to the certificate error.

asked 18/09/2024
Robert Rek
50 questions

Question 12

Report Export Collapse

When you configure a FortiAP wireless interface for auto TX power control which statement describes how it configures its transmission power'?

Become a Premium Member for full access
  Unlock Premium Member

Question 13

Report Export Collapse

Refer to the exhibit

Fortinet NSE7_LED-7.0 image Question 13 27015 09182024190743000000

Examine the sections of the configuration shown in the output

What action will FortiGate take when verifying the student certificate through OCSP?

Become a Premium Member for full access
  Unlock Premium Member

Question 14

Report Export Collapse

Refer to the exhibit.

Fortinet NSE7_LED-7.0 image Question 14 27016 09182024190743000000

Examine the IPsec VPN phase 1 configuration shown in the exhibit

An administrator wants to use certificate-based authentication for an IPsec VPN user

Which three configuration changes must you make on FortiGate to perform certificate-based authentication for the IPsec VPN user? (Choose three)

Become a Premium Member for full access
  Unlock Premium Member

Question 15

Report Export Collapse

You are configuring a FortiGate wireless network to support automated wireless client quarantine using IOC Which two configurations must you put in place for a wireless client to be quarantined successfully? (Choose two)

Become a Premium Member for full access
  Unlock Premium Member

Question 16

Report Export Collapse

Refer to the exhibits

Fortinet NSE7_LED-7.0 image Question 16 27018 09182024190743000000

The exhibits show the wireless network (VAP) SSID profiles defined on FortiManager and an AP profile assigned to a group of APs that are supported by FortiGate

None of the APs are broadcasting the SSlDs defined by the AP profile

Which changes do you need to make to enable the SSIDs to broadcast?

Become a Premium Member for full access
  Unlock Premium Member

Question 17

Report Export Collapse

Which two statements about the guest portal on FortiAuthenticator are true? (Choose two.)

Become a Premium Member for full access
  Unlock Premium Member

Question 18

Report Export Collapse

Refer to the exhibit.

Fortinet NSE7_LED-7.0 image Question 18 27020 09182024190743000000

Exhibit.

Fortinet NSE7_LED-7.0 image Question 18 27020 09182024190743000000

Refer to the exhibits

In the wireless configuration shown in the exhibits, an AP is deployed in a remote site and has a wireless network (VAP) called Corporate deployed to it

The network is a tunneled network however clients connecting to a wireless network require access to a local printer Clients are trying to print to a printer on the remote site but are unable to do so

Which configuration change is required to allow clients connected to the Corporate SSID to print locally?

Become a Premium Member for full access
  Unlock Premium Member

Question 19

Report Export Collapse

Which two statements about FortiSwitch manager are true1? (Choose two)

Become a Premium Member for full access
  Unlock Premium Member

Question 20

Report Export Collapse

A wireless network in a school provides guest access using a captive portal to allow unregistered users to self-register and access the network The administrator is requested to update the existing configuration to provide captive portal authentication through a secure connection (HTTPS)

Which two changes must the administrator make to enforce HTTPS authentication'? (Choose two >

Become a Premium Member for full access
  Unlock Premium Member
Total 61 questions
Go to page: of 7
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

A wireless network in a school provides guest access using a captive portal to allow unregistered users to self-register and access the network The administrator is requested to update the existing configuration to provide captive portal authentication through a secure connection (HTTPS) Which two changes must the administrator make to enforce HTTPS authentication'? (Choose two >
Refer to the exhibit. Examine the debug output shown in the exhibit Which two statements about the RADIUS debug output are true'' (Choose two)
Refer to the exhibit Examine the FortiGate RSSO configuration shown in the exhibit FortiGate is configured to receive RADIUS accounting messages on port3 to authenticate RSSO users The users are located behind port3 and the internet link is connected to port1 FortiGate is processing incoming RADIUS accounting messages successfully and RSSO users are getting associated with the RSSO Group user group However all the users are able to access the internet, and the administrator wants to restrict internet access to RSSO users only Which configuration change should the administrator make to fix the problem?
Which two statements about the guest portal on FortiAuthenticator are true? (Choose two.)
Which two pieces of information can the diagnose test authserver ldap command provide? (Choose two.)
What is the purpose of enabling Windows Active Directory Domain Authentication on FortiAuthenticator?
Refer to the exhibit. Examine the IPsec VPN phase 1 configuration shown in the exhibit An administrator wants to use certificate-based authentication for an IPsec VPN user Which three configuration changes must you make on FortiGate to perform certificate-based authentication for the IPsec VPN user? (Choose three)
Which two statements about the MAC-based 802 1X security mode available on FortiSwitch are true? (Choose two.)
Refer to the exhibits. Exhibit. Examine the troubleshooting outputs shown in the exhibits Users have been reporting issues with the speed of their wireless connection in a particular part of the wireless network The interface that is having issues is the 2 4 GHz interface that is currently configured on channel 6 The administrator of the wireless network has investigated and surveyed the local RF environment using the tools available at the AP and FortiGate Which configuration would improve the wireless connection?
Refer to the exhibit. Examine the FortiGate configuration FortiAnalyzer logs and FortiGate widget shown in the exhibit An administrator is testing the Security Fabric quarantine automation The administrator added FortiAnalyzer to the Security Fabric and configured an automation stitch to automatically quarantine compromised devices The test device (::.:.:.!) s connected to a managed Fort Switch dev :e After trying to access a malicious website from the test device, the administrator verifies that FortiAnalyzer has a log (or the test connection However the device is not getting quarantined by FortiGate as shown in the quarantine widget Which two scenarios are likely to cause this issue? (Choose two)