Which three communication methods are used by the FortiNAC to gather information from, and control, infrastructure devices? (Choose three.)
Answer : ABC
Explanation:
Set up SNMP communication with FortiNAC
RADIUS Server that is used by FortiNAC to communicate
FortiNAC can be configured via CLI to use HTTP or HTTPS for OS updates instead of FTP.
Reference:
https://docs.fortinet.com/document/fortinac/8.3.0/administration-guide/28966/snmp https://docs.fortinet.com/document/fortinac/8.8.0/administration-guide/938271/configure-radius-settings https://fortinetweb.s3.amazonaws.com/docs.fortinet.com/v2/attachments/e7ebbdaa-cabf-11ea-8b7d-00505692583a/FortiNAC_Deployment_Guide.pdf
Which three circumstances trigger Layer 2 polling of infrastructure devices? (Choose three.)
Answer : BCD
How should you configure MAC notification traps on a supported switch?
Answer : B
Explanation:
Configure SNMP MAC Notification traps on all access ports (do not include uplinks).
Reference:
https://fortinetweb.s3.amazonaws.com/docs.fortinet.com/v2/attachments/be7fcde9-9685-11e9-81a4-00505692583a/
Configuring_Traps_for_MAC_Notification.pdf
Which connecting endpoints are evaluated against all enabled device profiling rules?
Answer : A
Explanation:
FortiNAC process to classify rogue devices and create an organized inventory of known trusted registered devices.
Reference:
https://fortinetweb.s3.amazonaws.com/docs.fortinet.com/v2/attachments/9529d49c-892c-11e9-81a4-00505692583a/
FortiNAC_Device_Profiler_Configuration.pdf
What agent is required in order to detect an added USB drive?
Answer : D
Explanation:
Expand the Persistent Agent folder. Select USB Detection from the tree.
Reference:
https://docs.fortinet.com/document/fortinac/8.5.2/administration-guide/814147/usb-detection
Which two of the following are required for endpoint compliance monitors? (Choose two.)
Answer : BD
Explanation:
DirectDefenseג€™s analysis of FireEye Endpoint attests that the products help meet the HIPAA Security Rule.
In the menu on the left click the + sign next to Endpoint Compliance to open it.
Reference:
https://www.fireeye.com/content/dam/fireeye-www/products/pdfs/cg-pci-and-hipaa-compliances.pdf https://docs.fortinet.com/document/fortinac/8.5.2/administration-guide/92047/add-or-modify-a-scan
By default, if more than 20 hosts are seen connected on a single port simultaneously, what will happen to the port?
Answer : B
In a wireless integration, how does FortiNAC obtain connecting MAC address information?
Answer : D
Explanation:
Intelligent Access Points (IAPs) and controllers support two methods of RADIUS based authentication: RADIUS MAC authentication and 802.1x authentication.
Reference:
https://fortinetweb.s3.amazonaws.com/docs.fortinet.com/v2/attachments/9019f7f8-200d-11e9-b6f6-f8bc1258b856/
FortiNAC_Wireless_Integration_Overview.pdf
Which system group will force at-risk hosts into the quarantine network, based on point of connection?
Answer : B
Explanation:
A remediation plan is established, including a forensic analysis and a reload of the system. Also, users are forced to change their passwords as the system held local user accounts.
Reference:
https://oit.rice.edu/quarantining-process-used-it-staff-members-introduction
During the on-boarding process through the captive portal, why would a host that successfully registered remain stuck in the Registration VLAN? (Choose two.)
Answer : AD
Explanation:
Scenario 4: NAT detection disabled, using endpoint compliance policy and agent.
Reference:
https://fortinetweb.s3.amazonaws.com/docs.fortinet.com/v2/attachments/868f1267-7299-11e9-81a4-00505692583a/fortinac-admin-operation-85.pdf
In which view would you find who made modifications to a Group?
Answer : A
Explanation:
Itג€™s important to audit Group Policy changes in order to determine the details of changes made to Group Policies by delegated users.
Reference:
https://www.lepide.com/how-to/audit-chnages-made-to-group-policy-objects.html
Which agent is used only as part of a login script?
Answer : A
Explanation:
If the logon script runs the logon application in persistent mode, configure your Active Directory server not to run scripts synchronously.
Reference:
https://www.websense.com/content/support/library/deployctr/v76/init_setup_creating_and_running_logon_agent_script_deployment_tasks.aspx
Which two agents can validate endpoint compliance transparently to the end user? (Choose two.)
Answer : AC
Explanation:
Mobile agents use the network transparently.
Reference:
https://docs.fortinet.com/document/fortinac/8.3.0/administration-guide/377110/persistent-agent-certificate-validation https://docs.fortinet.com/document/fortinac/8.3.0/administration-guide/377110/persistent-agent-certificate-validation
Which command line shell and scripting language does FortiNAC use for WinRM?
Answer : A
Explanation:
Open Windows PowerShell or a command prompt. Run the following command to determine if you already have WinRM over HTTPS configured.
Reference:
https://docs.fortinet.com/document/fortinac/8.7.0/administration-guide/246310/winrm-device-profile-requirements-and-setup
Where are logical network values defined?
Answer : D
Reference:
https://www.sciencedirect.com/topics/computer-science/logical-network
Have any questions or issues ? Please dont hesitate to contact us