Page: 1
/ 3
Total 48 questions
Refer to the exhibit.
Based on the FortiClient logs shown in the exhibit, which software application is blocked by the application firewall?
- A. Twitter
- B. Facebook
- C. Firefox
- D. Internet Explorer
Answer : C
When site categories are disabled in FortiClient webfilter and antivirus (malicious websites), which feature can be used to protect the endpoint from malicious web access?
- A. Web exclusion list
- B. FortiSandbox URL list
- C. Real-time protection list
- D. Block malicious websites on antivirus
Answer : A
Refer to the exhibits, which show a network topology diagram of ZTNA proxy access and the ZTNA rule configuration.
An administrator runs the diagnose endpoint record list CLI command on FortiGate to check Remote-Client endpoint information, however Remote-Client is not showing up in the endpoint record list.
What is the cause of this issue?
- A. Remote-Client failed the client certificate authentication.
- B. Remote-Client provided an empty client certificate to connect to the ZTNA access proxy.
- C. Remote-Client has not initiated a connection to the ZTNA access proxy.
- D. Remote-Client provided an invalid certificate to connect to the ZTNA access proxy.
Answer : C
Refer to the exhibit, which shows the endpoint summary information on FortiClient EMS.
What two conclusions can you make based on the Remote-Client status shown above? (Choose two.)
- A. The endpoint is classified as at risk.
- B. The endpoint has been assigned the Default endpoint policy.
- C. The endpoint is configured to support FortiSandbox.
- D. The endpoint is currently off-net.
Answer : B
Refer to the exhibit, which shows the Zero Trust Tagging Rule Set configuration.
Which two statements about the rule set are true? (Choose two.)
- A. The endpoint must satisfy that only Windows 10 is running.
- B. The endpoint must satisfy that only AV software is installed and running.
- C. The endpoint must satisfy that antivirus is installed and running and Windows 10 is running.
- D. The endpoint must satisfy that only Windows Server 2012 R2 is running.
Answer : BC
An administrator wants to simplify remote access without asking users to provide user credentials.
Which access control method provides this solution?
- A. ZTNA full mode
- B. SSL VPN
- C. L2TP
- D. ZTNA IP/MAC filtering mode
Answer : A
Which two statements are true about the ZTNA rule? (Choose two.)
- A. It enforces access control.
- B. It redirects the client request to the access proxy.
- C. It applies security profiles to protect traffic.
- D. It defines the access proxy.
Answer : BC
What is the function of the quick scan option on FortiClient?
- A. It scans programs and drivers that are currently running, for threats.
- B. It performs a full system scan including all files, executable files, DLLs, and drivers for threats.
- C. It allows users to select a specific file folder on their local hard disk drive (HDD), to scan for threats.
- D. It scans executable files, DLLs, and drivers that are currently running, for threats.
Answer : D
Which two benefits are benefits of using multi-tenancy mode on FortiClient EMS? (Choose two.)
- A. It provides granular access and segmentation.
- B. The fabric connector must use an IP address to connect to FortiClient EMS.
- C. Licenses are shared among sites.
- D. Separate host servers manage each site.
Answer : AD
Refer to the exhibit.
Based on the settings shown in the exhibit, what action will FortiClient take when it detects that a user is trying to download an infected file?
- A. Blocks the infected files as it is downloading
- B. Sends the infected file to FortiGuard for analysis
- C. Quarantines the infected files and logs all access attempts
- D. Allows the infected file to download without scan
Answer : D
Refer to the exhibit.
Based on the Security Fabric automation settings, what action will be taken on compromised endpoints?
- A. Endpoints will be banned on FortiGate.
- B. Endpoints will be quarantined through a network device.
- C. An email notification will be sent for compromised endpoints.
- D. Endpoints will be quarantined through EMS.
Answer : D
Refer to the exhibits, which show the Zero Trust Tag Monitor and the FortiClient GUI status.
Remote-Client is tagged as Remote-Users on the FortiClient EMS Zero Trust Tag Monitor.
What must an administrator do to show the tag on the FortiClient GUI?
- A. Change the FortiClient system settings to enable tag visibility.
- B. Update tagging rule logic to enable tag visibility.
- C. Change the user identity settings to enable tag visibility.
- D. Change the endpoint control setting to enable tag visibility.
Answer : D
An administrator configures ZTNA configuration on the FortiGate for remote users.
Which statement is true about the firewall policy?
- A. It defines the access proxy.
- B. It redirects the client request to the access proxy.
- C. It applies security profiles to protect traffic.
- D. It enforces access control.
Answer : C
Why does FortiGate need the root CA certificate of FortiClient EMS?
- A. To update FortiClient client certificates
- B. To trust certificates issued by FortiClient EMS
- C. To revoke FortiClient client certificates
- D. To sign FortiClient CSR requests
Answer : A
Which statement about the FortiClient enterprise management server is true?
- A. It receives the configuration information of endpoints from FortiGate.
- B. It provides centralized management of multiple endpoints running FortiClient software.
- C. It receives the CA certificate from FortiGate to validate client certificates.
- D. It enforces compliance on the endpoints using tags.
Answer : B
30 days access 