New Year Special Limited Time Flat 70% Discount offer - Ends in 0d 00h 00m 00s - Coupon code: 70spcl

Fortinet NSE6_FNC-9.1 Fortinet NSE 6 - FortiNAC 9.1 Exam Practice Test

Page: 1 / 5
Total 47 questions

Fortinet NSE 6 - FortiNAC 9.1 Questions and Answers

Question 1

Which three are components of a security rule? (Choose three.)

Options:

A.

Methods

B.

Security String

C.

Trigger

D.

User or host profile

E.

Action

Question 2

Which two things must be done to allow FortiNAC to process incoming syslog messages from an unknown vendor? (Choose two.)

Options:

A.

A security event parser must be created for the device.

B.

The device sending the messages must be modeled in the Network Inventory view.

C.

The device must be added as a patch management server.

D.

The device must be added as a log receiver.

Question 3

While troubleshooting a network connectivity issue, an administrator determines that a device was being automatically provisioned to an incorrect VLAN.

Where would the administrator look to determine when and why FortiNAC made the network access change?

Options:

A.

The Event view

B.

The Admin Auditing view

C.

The Port Changes view

D.

The Connections view

Question 4

What agent is required in order to detect an added USB drive?

Options:

A.

Persistent

B.

Dissolvable

C.

Mobile

D.

Passive

Question 5

Refer to the exhibit, and then answer the question below.

Question # 5

Which host is rogue?

Options:

A.

1

B.

3

C.

2

D.

4

Question 6

Which agent is used only as part of a login script?

Options:

A.

Mobile

B.

Passive

C.

Persistent

D.

Dissolvable

Question 7

Where are logical network values defined?

Options:

A.

In the model configuration view of each infrastructure device

B.

In the port properties view of each port

C.

On the profiled devices view

D.

In the security and access field of each host record

Question 8

Refer to the exhibit.

Question # 8

Considering the host status of the two hosts connected to the same wired port, what will happen if the port is a member of the Forced Registration port group?

Options:

A.

The port will be provisioned for the normal state host, and both hosts will have access to that VLAN.

B.

The port will not be managed, and an event will be generated.

C.

The port will be provisioned to the registration network, and both hosts will be isolated.

D.

The port will be administratively shut down.

Question 9

Where do you look to determine when and why the FortiNAC made an automated network access change?

Options:

A.

The Event view

B.

The Port Changes view

C.

The Connections view

D.

The Admin Auditing view

Question 10

An administrator wants the Host At Risk event to generate an alarm. What is used to achieve this result?

Options:

A.

A security trigger activity

B.

A security filter

C.

An event to alarm mapping

D.

An event to action mapping

Question 11

Refer to the exhibit.

Question # 11

If you are forcing the registration of unknown (rogue) hosts, and an unknown (rogue) host connects to a port on the switch, what occurs?

Options:

A.

The host is moved to VLAN 111.

B.

The host is moved to a default isolation VLAN.

C.

No VLAN change is performed.

D.

The host is disabled.

Question 12

An administrator is configuring FortiNAC to manage FortiGate VPN users. As part of the configuration, the administrator must configure a few FortiGate firewall policies.

What is the purpose of the FortiGate firewall policy that applies to unauthorized VPN clients?

Options:

A.

To deny access to only the production DNS server

B.

To allow access to only the FortiNAC VPN interface

C.

To allow access to only the production DNS server

D.

To deny access to only the FortiNAC VPN interface

Question 13

When FortiNAC is managing FortiGate VPN users, why is an endpoint compliance policy necessary?

Options:

A.

To confirm installed security software

B.

To validate the VPN user credentials

C.

To designate the required agent type

D.

To validate the VPN client beingused

Question 14

When you create a user or host profile; which three criteria can you use? (Choose three.)

Options:

A.

An applied access policy

B.

Administrative group membership

C.

Location

D.

Host or user group memberships

E.

Host or user attributes

Page: 1 / 5
Total 47 questions