An administrator is testing the connectivity for a new VLAN. The devices in the VLAN are connected to a FortiSwitch device that is managed by FortiGate. Quarantine is disabled on FortiGate.
While testing, the administrator noticed that devices can ping FortiGate and FortiGate can ping the devices. The administrator also noticed that inter-VLAN communication works. However, intra-VLAN communication does not work.
Which scenario is likely to cause this issue?
Answer : D
Refer to the exhibit.
By default, FortiOS creates the following DHCP server scope for the FortiLink interface as shown in the exhibit.
What is the objective of the vci-string setting?
Answer : C
An administrator has configured an SSID in bridge mode for corporate employees. All APs are online and provisioned using default AP profiles. Employees are unable to locate the SSID to connect.
Which two configurations can the administrator verify? (Choose two.)
Answer : AC
What is the purpose of enabling Windows Active Directory Domain Authentication on FortiAuthenticator?
Answer : D
Refer to the exhibit.
Examine the LDAP server configuration shown in the exhibit. Note that the Username setting has been expanded to display its full content.
On the Windows AD server 10.0.1.10, the administrator used dsquery, which returned the following output:
>dsquery user -samid student
"CN=student,CN=Users,DC=trainingAD,DC=training,DC=lab"
According to the output, which FortiGate LDAP setting is configured incorrectly?
Answer : C
Refer to the exhibit.
Examine the FortiGate configuration, FortiAnalyzer logs, and FortiGate widget shown in the exhibit.
An administrator is testing the Security Fabric quarantine automation. The administrator added FortiAnalyzer to the Security Fabric, and configured an automation stitch to automatically quarantine compromised devices. The test device (10.0.2.1) is connected to a managed FortiSwitch device.
After trying to access a malicious website from the test device, the administrator verifies that FortiAnalyzer has a log for the test connection. However, the device is not getting quarantined by FortiGate, as shown in the quarantine widget.
Which two scenarios are likely to cause this issue? (Choose two.)
Answer : BD
Refer to the exhibits.
Examine the troubleshooting outputs shown in the exhibits.
Users have been reporting issues with the speed of their wireless connection in a particular part of the wireless network. The interface that is having issues is the 2.4 GHz interface that is currently configured on channel 6.
The administrator of the wireless network has investigated and surveyed the local RF environment using the tools available at the AP and FortiGate.
Which configuration would improve the wireless connection?
Answer : B
Refer to the exhibit.
Examine the debug output shown in the exhibit.
Which two statements about the RADIUS debug output are true? (Choose two.)
Answer : AC
Which two statements about FortiSwitch manager are true? (Choose two.)
Answer : AC
Which two statements about MAC address quarantine by redirect mode are true? (Choose two.)
Answer : BD
Refer to the exhibit.
Examine the FortiSwitch security policy shown in the exhibit.
If the security profile shown in the exhibit is assigned to all ports on a FortiSwitch device for 802.1X authentication, which statement about the switch is correct?
Answer : C
You are configuring a FortiGate wireless network to support automated wireless client quarantine using IOC.
Which two configurations must you put in place for a wireless client to be quarantined successfully? (Choose two.)
Answer : BC
Refer to the exhibit.
Examine the RADIUS server configuration shown in the exhibit.
An administrator has configured a RADIUS server on FortiGate that points to FortiAuthenticator. FortiAuthenticator is acting as an authentication proxy and is configured to relay all authentication requests to a remote Windows AD server using LDAP.
While testing the configuration, the administrator noticed that the diagnose test authserver command worked with PAP; however, authentication requests failed when using MSCHAP2.
Which two solutions can the administrator implement to get MSCHAP2 authentication to work? (Choose two.)
Answer : AB
Where can FortiGate learn the FortiManager IP address or FQDN for zero-touch provisioning?
Answer : C
Which FortiSwitch VLANs are automatically created on FortiGate when the first FortiSwitch device is discovered?
Answer : D