New Year Special Limited Time Flat 70% Discount offer - Ends in 0d 00h 00m 00s - Coupon code: 70spcl

Fortinet FCSS_SASE_AD-23 FCSS FortiSASE 23 Administrator Exam Practice Test

Page: 1 / 3
Total 30 questions

FCSS FortiSASE 23 Administrator Questions and Answers

Question 1

An organization needs to resolve internal hostnames using its internal rather than public DNS servers for remotely connected endpoints. Which two components must be configured on FortiSASE to achieve this? (Choose two.)

Options:

A.

SSL deep inspection

B.

Split DNS rules

C.

Split tunnelling destinations

D.

DNS filter

Question 2

Which two advantages does FortiSASE bring to businesses with multiple branch offices? (Choose two.)

Options:

A.

It offers centralized management for simplified administration.

B.

It enables seamless integration with third-party firewalls.

C.

it offers customizable dashboard views for each branch location

D.

It eliminates the need to have an on-premises firewall for eachbranch.

Question 3

A FortiSASE administrator is configuring a Secure Private Access (SPA) solution to share endpoint information with a corporate FortiGate.

Which three configuration actions will achieve this solution? (Choose three.)

Options:

A.

Add the FortiGate IP address in the secure private access configuration on FortiSASE.

B.

Use the FortiClient EMS cloud connector on the corporate FortiGate to connect to FortiSASE

C.

Register FortiGate and FortiSASE under the same FortiCloud account.

D.

Authorize the corporate FortiGate on FortiSASE as a ZTNA access proxy.

E.

Apply the FortiSASE zero trust network access (ZTNA) license on the corporate FortiGate.

Question 4

An organization wants to block all video and audio application traffic but grant access to videos from CNN Which application override action must you configure in the Application Control with Inline-CASB?

Options:

A.

Allow

B.

Pass

C.

Permit

D.

Exempt

Question 5

Refer to the exhibits.

Question # 5

Question # 5

Question # 5

A FortiSASE administrator has configured an antivirus profile in the security profile group and applied it to the internet access policy. Remote users are still able to download the eicar.com-zip file from https://eicar.org. Traffic logs show traffic is allowed by the policy.

Which configuration on FortiSASE is allowing users to perform the download?

Options:

A.

Web filter is allowing the traffic.

B.

IPS is disabled in the security profile group.

C.

The HTTPS protocol is not enabled in the antivirus profile.

D.

Force certificate inspection is enabled in the policy.

Question 6

During FortiSASE provisioning, how many security points of presence (POPs) need to be configured by the FortiSASE administrator?

Options:

A.

3

B.

4

C.

2

D.

1

Question 7

To complete their day-to-day operations, remote users require access to a TCP-based application that is hosted on a private web server. Which FortiSASE deployment use case provides the most efficient and secure method for meeting the remote users' requirements?

Options:

A.

SD-WAN private access

B.

inline-CASB

C.

zero trust network access (ZTNA) private access

D.

next generation firewall (NGFW)

Question 8

Refer to the exhibit.

Question # 8

In the user connection monitor, the FortiSASE administrator notices the user name is showing random characters. Which configuration change must the administrator make to get proper user information?

Options:

A.

Turn off log anonymization on FortiSASE.

B.

Add more endpoint licenses on FortiSASE.

C.

Configure the username using FortiSASE naming convention.

D.

Change the deployment type from SWG to VPN.

Question 9

Which policy type is used to control traffic between the FortiClient endpoint to FortiSASE for secure internet access?

Options:

A.

VPN policy

B.

thin edge policy

C.

private access policy

D.

secure web gateway (SWG) policy

Page: 1 / 3
Total 30 questions