New Year Special Limited Time Flat 70% Discount offer - Ends in 0d 00h 00m 00s - Coupon code: 70spcl

Fortinet NSE6_FNC-7.2 Fortinet NSE 6 - FortiNAC 7.2 Exam Practice Test

Page: 1 / 6
Total 57 questions

Fortinet NSE 6 - FortiNAC 7.2 Questions and Answers

Question 1

In which view would you find who made modifications to a Group?

Options:

A.

The Event Management view

B.

The Security Events view

C.

The Alarms view

D.

The Admin Auditing view

Question 2

During an evaluation of state-based enforcement, an administrator discovers that ports that should not be under enforcement have been added to enforcement groups. In which view would the administrator be able to determine who added the ports to the groups?

Options:

A.

The Alarms view

B.

The Admin Auditing view

C.

The Event Management view

D.

The Security Events view

Question 3

During the on-boarding process through the captive portal, what are two reasons why a host that successfully registered would remain stuck in the Registration VLAN? (Choose two.)

Options:

A.

The wrong agent is installed.

B.

The port default VLAN is the same as the Registration VLAN.

C.

Bridging is enabled on the host.

D.

There is another unregistered host on the same port.

Question 4

Which two agents can validate endpoint compliance transparently to the end user? (Choose two.)

Options:

A.

Dissolvable

B.

Mobile

C.

Passive

D.

Persistent

Question 5

Which agent can receive and display messages from FortiNAC to the end user?

Options:

A.

Dissolvable

B.

Persistent

C.

Passive

D.

MDM

Question 6

Which three circumstances trigger Layer 2 polling of infrastructure devices? (Choose three.)

Options:

A.

Manual polling

B.

Scheduled poll timings

C.

A failed Layer 3 poll

D.

A matched security policy

E.

Linkup and Linkdown traps

Question 7

Which agent is used only as part of a login script?

Options:

A.

Mobile

B.

Passive

C.

Persistent

D.

Dissolvable

Question 8

Where do you look to determine which network access policy, if any is being applied to a particular host?

Options:

A.

The Policy Details view for the host

B.

The Connections view

C.

The Port Properties view of the hosts port

D.

The Policy Logs view

Question 9

Which three are components of a security rule? (Choose three.)

Options:

A.

Methods

B.

Security String

C.

Trigger

D.

User or host profile

E.

Action

Question 10

What causes a host's state to change to "at risk"?

Options:

A.

The host has failed an endpoint compliance policy or admin scan.

B.

The logged on user is not found in the Active Directory.

C.

The host has been administratively disabled.

D.

The host is not in the Registered Hosts group.

Question 11

Where do you look to determine when and why the FortiNAC made an automated network access change?

Options:

A.

The Event view

B.

The Port Changes view

C.

The Connections view

D.

The Admin Auditing view

Question 12

What agent is required in order to detect an added USB drive?

Options:

A.

Persistent

B.

Dissolvable

C.

Mobile

D.

Passive

Question 13

What would happen if a port was placed in both the Forced Registration and the Forced Remediation port groups?

Options:

A.

Only rogue hosts would be impacted.

B.

Both enforcement groups cannot contain the same port.

C.

Only al-risk hosts would be impacted.

D.

Both types of enforcement would be applied.

Question 14

Refer to the exhibit, and then answer the question below.

Question # 14

Which host is rogue?

Options:

A.

1

B.

3

C.

2

D.

4

Question 15

When FortiNAC is managing FortiGate VPN users, why is an endpoint compliance policy necessary?

Options:

A.

To confirm installed security software

B.

To validate the VPN user credentials

C.

To designate the required agent type

D.

To validate the VPN client being used

Question 16

In a wireless integration, what method does FortiNAC use to obtain connecting MAC address information?

Options:

A.

SNMP traps

B.

RADIUS

C.

Endstation traffic monitoring

D Link traps

Question 17

By default, if more than 20 hosts are seen connected on a single port simultaneously, what will happen to the port?

Options:

A.

The port is switched into the Dead-End VLAN.

B.

The port becomes a threshold uplink.

C.

The port is disabled.

D.

The port is added to the Forced Registration group.

Page: 1 / 6
Total 57 questions