Fortinet NSE6_FAC-6.4 - Fortinet NSE 6 - FortiAuthenticator 6.4 Exam
Page: 2 / 6
Total 30 questions
Question #6 (Topic: Exam A)
Which network configuration is required when depioying FortiAuthenticator for portal services?
A. One of the DNS servers must be a FortiGuard DNS server
B. Policies must have specific ports open between FortiAuthenticator and the authentication clients
C. FortiGate must be set up as the default gateway for FortiAuthenticator
D. FortiAuthenticator must have the REST API access enabled on port 1
Answer: B
Question #7 (Topic: Exam A)
You are a FortiAuthenticator administrator for a large organization. Users who are configured to use FortiToken 200 for two-factor authentication can no longer authenticate. You have verified that only the users with two-factor authentication are experiencing the issue.
What can cause this issue?
What can cause this issue?
A. FortiToken 200 license has expired.
B. One of the FortiAuthenticator devices in the active-active cluster has failed.
C. Time drift between FortiAuthenticator and hardware tokens.
D. FortiAuthenticator has lost contact with the FortiToken Cloud servers.
Answer: C
Question #8 (Topic: Exam A)
Why would you configure an OCSP responder URL in an end-entity certificate?
A. To designate the SCEP server to use for CRL updates for that certificate
B. To identify the end point that a certificate has been assigned to
C. To designate a server for certificate status checking
D. To provide the CRL location for the certificate
Answer: C
Question #9 (Topic: Exam A)
An administrator wants to keep local CA cryptographic keys stored in a central location.
Which FortiAuthenticator feature would provide this functionality?
Which FortiAuthenticator feature would provide this functionality?
A. SCEP support
B. REST API
C. Network HSM
D. SFTP server
Answer: C
Question #10 (Topic: Exam A)
Which option correctly describes an SP-initiated SSO SAML packet flow for a host without a SAML assertion?
A. Principal contacts service provider, service provider redirects principal to identity provider, after successful authentication identity provider redirects principal to service provider.
B. Principal contacts identity provider and is redirected to service provider, principal establishes connection with service provider, service provider validates authentication with identity provider.
C. Principal contacts identity provider and authenticates, identity provider relays principal to service provider after valid authentication.
D. Service provider contacts identity provider, identity provider validates principal for service provider, service provider establishes communication with principal.
Answer: C
