Fortinet NSE 6 - FortiNAC 8.5 v1.0

Exam contains 33 questions

Which three communication methods are used by the FortiNAC to gather information from, and control, infrastructure devices? (Choose three.)

  • A. SNMP
  • B. RADIUS
  • C. FTP
  • D. CLI
  • E. SMTP


Answer : ABC

Explanation:
Set up SNMP communication with FortiNAC
RADIUS Server that is used by FortiNAC to communicate
FortiNAC can be configured via CLI to use HTTP or HTTPS for OS updates instead of FTP.
Reference:
https://docs.fortinet.com/document/fortinac/8.3.0/administration-guide/28966/snmp
https://docs.fortinet.com/document/fortinac/8.8.0/administration-guide/938271/configure-radius-settings
https://fortinetweb.s3.amazonaws.com/docs.fortinet.com/v2/attachments/e7ebbdaa-cabf-11ea-8b7d-00505692583a/FortiNAC_Deployment_Guide.pdf

Which three circumstances trigger Layer 2 polling of infrastructure devices? (Choose three.)

  • A. A matched security policy
  • B. Scheduled poll timings
  • C. Linkup and Linkdown traps
  • D. Manual polling
  • E. A failed Layer 3 poll


Answer : BCD

How should you configure MAC notification traps on a supported switch?

  • A. Configure them only on ports set as 802.1q trunks
  • B. Configure them on all ports except uplink ports
  • C. Configure them on all ports on the switch
  • D. Configure them only after you configure linkup and linkdown traps


Answer : B

Explanation:
Configure SNMP MAC Notification traps on all access ports (do not include uplinks).
Reference:
https://fortinetweb.s3.amazonaws.com/docs.fortinet.com/v2/attachments/be7fcde9-9685-11e9-81a4-00505692583a/Configuring_Traps_for_MAC_Notification.pdf

Which connecting endpoints are evaluated against all enabled device profiling rules?

  • A. Known trusted devices each time they change location
  • B. Rogue devices, each time they connect
  • C. Rogue devices, only when they connect for the first time
  • D. All hosts, each time they connect


Answer : A

Explanation:
FortiNAC process to classify rogue devices and create an organized inventory of known trusted registered devices.
Reference:
https://fortinetweb.s3.amazonaws.com/docs.fortinet.com/v2/attachments/9529d49c-892c-11e9-81a4-00505692583a/FortiNAC_Device_Profiler_Configuration.pdf

What agent is required in order to detect an added USB drive?

  • A. Mobile
  • B. Passive
  • C. Dissolvable
  • D. Persistent


Answer : D

Explanation:
Expand the Persistent Agent folder. Select USB Detection from the tree.
Reference:
https://docs.fortinet.com/document/fortinac/8.5.2/administration-guide/814147/usb-detection

Which two of the following are required for endpoint compliance monitors? (Choose two.)

  • A. Logged on user
  • B. Security rule
  • C. Persistent agent
  • D. Custom scan


Answer : BD

Explanation:
DirectDefense's analysis of FireEye Endpoint attests that the products help meet the HIPAA Security Rule.
In the menu on the left click the + sign next to Endpoint Compliance to open it.
Reference:
https://www.fireeye.com/content/dam/fireeye-www/products/pdfs/cg-pci-and-hipaa-compliances.pdf
https://docs.fortinet.com/document/fortinac/8.5.2/administration-guide/92047/add-or-modify-a-scan

By default, if more than 20 hosts are seen connected on a single port simultaneously, what will happen to the port?

  • A. The port is added to the Forced Registration group.
  • B. The port is disabled.
  • C. The port is switched into the Dead-End VLAN.
  • D. The port becomes a threshold uplink.


Answer : B

In a wireless integration, how does FortiNAC obtain connecting MAC address information?

  • A. Link traps
  • B. End station traffic monitoring
  • C. MAC notification traps
  • D. RADIUS


Answer : D

Explanation:
Intelligent Access Points (IAPs) and controllers support two methods of RADIUS based authentication: RADIUS MAC authentication and 802.1x authentication.
Reference:
https://fortinetweb.s3.amazonaws.com/docs.fortinet.com/v2/attachments/9019f7f8-200d-11e9-b6f6-f8bc1258b856/FortiNAC_Wireless_Integration_Overview.pdf

Which system group will force at-risk hosts into the quarantine network, based on point of connection?

  • A. Forced Quarantine
  • B. Forced Remediation
  • C. Forced Isolation
  • D. Physical Address Filtering


Answer : B

Explanation:
A remediation plan is established, including a forensic analysis and a reload of the system. Also, users are forced to change their passwords as the system held local user accounts.
Reference:
https://oit.rice.edu/quarantining-process-used-it-staff-members-introduction

During the on-boarding process through the captive portal, why would a host that successfully registered remain stuck in the Registration VLAN? (Choose two.)

  • A. The wrong agent is installed.
  • B. Bridging is enabled on the host.
  • C. There is another unregistered host on the same port.
  • D. The port's default VLAN is the same as the Registration VLAN.


Answer : AD

Explanation:
Scenario 4: NAT detection disabled, using endpoint compliance policy and agent.
Reference:
https://fortinetweb.s3.amazonaws.com/docs.fortinet.com/v2/attachments/868f1267-7299-11e9-81a4-00505692583a/fortinac-admin-operation-85.pdf

In which view would you find who made modifications to a Group?

  • A. The Admin Auditing view
  • B. The Alarms view
  • C. The Event Management view
  • D. The Security Events view


Answer : A

Explanation:
It's important to audit Group Policy changes in order to determine the details of changes made to Group Policies by delegated users.
Reference:
https://www.lepide.com/how-to/audit-chnages-made-to-group-policy-objects.html

Which agent is used only as part of a login script?

  • A. Persistent
  • B. Passive
  • C. Mobile
  • D. Dissolvable


Answer : A

Explanation:
If the logon script runs the logon application in persistent mode, configure your Active Directory server not to run scripts synchronously.
Reference:
https://www.websense.com/content/support/library/deployctr/v76/init_setup_creating_and_running_logon_agent_script_deployment_tasks.aspx

Which two agents can validate endpoint compliance transparently to the end user? (Choose two.)

  • A. Persistent
  • B. Dissolvable
  • C. Mobile
  • D. Passive


Answer : AC

Explanation:
Mobile agents use the network transparently.
Reference:
https://docs.fortinet.com/document/fortinac/8.3.0/administration-guide/377110/persistent-agent-certificate-validation

Which command line shell and scripting language does FortiNAC use for WinRM?

  • A. PowerShell
  • B. Bash
  • C. Linux
  • D. DOS


Answer : A

Explanation:
Open Windows PowerShell or a command prompt. Run the following command to determine if you already have WinRM over HTTPS configured.
Reference:
https://docs.fortinet.com/document/fortinac/8.7.0/administration-guide/246310/winrm-device-profile-requirements-and-setup

Where are logical network values defined?

  • A. On the profiled devices view
  • B. In the port properties view of each port
  • C. In the model configuration view of each infrastructure device
  • D. In the security and access field of each host record


Answer : D

Reference:
https://www.sciencedirect.com/topics/computer-science/logical-network
