ExamGecko
Search Search Login
Home Home / Fortinet / NSE7_LED-7.0
Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Refer to the exhibit. Examine the debug output shown in the exhibit Which two statements about the RADIUS debug output are true'' (Choose two)
A wireless network in a school provides guest access using a captive portal to allow unregistered users to self-register and access the network The administrator is requested to update the existing configuration to provide captive portal authentication through a secure connection (HTTPS) Which two changes must the administrator make to enforce HTTPS authentication'? (Choose two >
Which two pieces of information can the diagnose test authserver ldap command provide? (Choose two.)
What is the purpose of enabling Windows Active Directory Domain Authentication on FortiAuthenticator?
Refer to the exhibit Examine the FortiGate RSSO configuration shown in the exhibit FortiGate is configured to receive RADIUS accounting messages on port3 to authenticate RSSO users The users are located behind port3 and the internet link is connected to port1 FortiGate is processing incoming RADIUS accounting messages successfully and RSSO users are getting associated with the RSSO Group user group However all the users are able to access the internet, and the administrator wants to restrict internet access to RSSO users only Which configuration change should the administrator make to fix the problem?
Which EAP method requires the use of a digital certificate on both the server end and the client end?
Refer to the exhibits. Exhibit. Examine the troubleshooting outputs shown in the exhibits Users have been reporting issues with the speed of their wireless connection in a particular part of the wireless network The interface that is having issues is the 2 4 GHz interface that is currently configured on channel 6 The administrator of the wireless network has investigated and surveyed the local RF environment using the tools available at the AP and FortiGate Which configuration would improve the wireless connection?
Refer to the exhibit. By default FortiOS creates the following DHCP server scope for the FortiLink interface as shown in the exhibit What is the objective of the vci-string setting?
Which two statements about the guest portal on FortiAuthenticator are true? (Choose two.)
Refer to the exhibit A device connected to port2 on FortiSwitch cannot access the network The port is assigned a security policy to enforce 802 1X authentication While troubleshooting the issue, the administrator obtains the debug output shown in the exhibit Which two scenarios are likely to cause this issue? (Choose two.)

Question 31 - NSE7_LED-7.0 discussion

Report
Export

Refer to the exhibit.

Examine the FortiGate user group configuration and the Windows AD LDAP group membership information shown in the exhibit

FortiGate is configured to authenticate SSL VPN users against Windows AD using LDAP The administrator configured the SSL VPN user group for SSL VPN users However the administrator noticed that both the student and j smith users can connect to SSL VPN

Which change can the administrator make on FortiGate to restrict the SSL VPN service to the student user only?

A.
In the SSL VPN user group configuration set Group Nam to CN-SSLVPN, CN='users, DC-trainingAD, DC-training, DC-lab
Answers
A.
In the SSL VPN user group configuration set Group Nam to CN-SSLVPN, CN='users, DC-trainingAD, DC-training, DC-lab
B.
In the SSL VPN user group configuration, change Name to cn=sslvpn, CN=users, DC=trainingAD, Detraining, DC-lab.
Answers
B.
In the SSL VPN user group configuration, change Name to cn=sslvpn, CN=users, DC=trainingAD, Detraining, DC-lab.
C.
In the SSL VPN user group configuration set Group Name to ::;=Domain users.CN-Users/DC=trainingAD, DC-training, DC=lab.
Answers
C.
In the SSL VPN user group configuration set Group Name to ::;=Domain users.CN-Users/DC=trainingAD, DC-training, DC=lab.
D.
In the SSL VPN user group configuration change Type to Fortinet Single Sign-On (FSSO)
Answers
D.
In the SSL VPN user group configuration change Type to Fortinet Single Sign-On (FSSO)
Suggested answer: A

Explanation:

According to the FortiGate Administration Guide, ''The Group Name is the name of the LDAP group that you want to use for authentication. The name must match exactly the name of the LDAP group on the LDAP server.'' Therefore, option A is true because it will set the Group Name to match the LDAP group that contains only the student user. Option B is false because changing the Name will not affect the authentication process, as it is only a local identifier for the user group on FortiGate. Option C is false because setting the Group Name to Domain Users will include all users in the domain, not just the student user. Option D is false because changing the Type to FSSO will require a different configuration method and will not solve the problem.

Show Answer
asked 18/09/2024
Reaper Gamer
43 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms