Fortinet FCSS_LED_AR-7.6 - Fortinet NSE 6 - LAN Edge 7.6 Architect Exam
Page: 2 / 8
Total 38 questions
Question #6 (Topic: Exam A)
In public key infrastructure (PKI), what is the primary role of a certificate revocation list (CRL)?
A. To enable certificate authorities to update certificates with new public key information.
B. To list expired certificates and ensure they are not used for encryption.
C. To provide information about the revocation status of certificates in real time.
D. To maintain a list of certificates that have been revoked by the certificate authority (CA) before their expiration date.
Answer: D
Question #7 (Topic: Exam A)
A conference center wireless network provides guest access through a captive portal, allowing unregistered users to self-register and connect to the network.
The IT team has been tasked with updating the existing configuration to enforce captive portal authentication over a secure HTTPS connection.
Which two steps should the administrator take to implement this change? (Choose two.)
The IT team has been tasked with updating the existing configuration to enforce captive portal authentication over a secure HTTPS connection.
Which two steps should the administrator take to implement this change? (Choose two.)
A. Enable HTTP redirect in the user authentication settings.
B. Update the captive portal URL to use HTTPS on FortiGate and FortiAuthenticator.
C. Create a new SSID with the HTTPS captive portal URL.
D. Disable HTTP administrative access on the guest SSID to enforce HTTPS connection.
Answer: AB
Question #8 (Topic: Exam A)
Which two broad categories must be considered for wireless troubleshooting when evaluating key wireless metrics?
A. Wireless range and network speed
B. Signal interface and device compatibility
C. Network reliability and signal interference
D. Wireless health and wireless capacity
Answer: D
Question #9 (Topic: Exam A)
Refer to the exhibits.
Examine the network diagram and packet capture shown in the exhibit.
During packet capture analysis, a RADIUS Access-Request packet was detected being sent from FortiSwitch to FortiAuthenticator and passing through FortiGate. The capture shows that the User-Name attribute in the RADIUS Access-Request packet contains the client MAC address.
Why is the client MAC address contained in the User-Name attribute of the RADIUS Access-Request packet?
Examine the network diagram and packet capture shown in the exhibit.
During packet capture analysis, a RADIUS Access-Request packet was detected being sent from FortiSwitch to FortiAuthenticator and passing through FortiGate. The capture shows that the User-Name attribute in the RADIUS Access-Request packet contains the client MAC address.
Why is the client MAC address contained in the User-Name attribute of the RADIUS Access-Request packet?
A. FortiAuthenticator is authenticating the client based on the device hostname.
B. FortiAuthenticator is performing machine authentication
C. MAC address-based authentication is being used for the client through MAC Authentication Bypass (MAB).
D. FortiGate is authenticating the client using 802.1X authentication.
Answer: C
Question #10 (Topic: Exam A)
How does the Syslog-based single sign-on (SSO) feature in FortiAuthenticator function to correlate user activity with authentication events across multiple network devices?
A. It uses syslog messages to monitor authentication events and correlate them with user activities.
B. It modifies user credentials based on the outcome of authentication events.
C. It relies on external servers to analyze syslog messages for user authentication.
D. It authenticates users through a captive portal by monitoring login attempts.
Answer: A
