An administrator configures ZTNA configuration on the FortiGate for remote users. Which statement is true about the firewall policy? It enforces access control It redirects the client request to the access proxy It defines the access proxy It applies security profiles to protect traffic.
An administrator wants to simplify remote access without asking users to provide user credentials.
Which access control method provides this solution"? SSL VPN ZTNA full mode L2TP ZTNA IP/MAC filtering mode.
Why does FortiGate need the root CA certificate of FortiClient EMS? To sign FortiClient CSR requests To revoke FortiClient client certificates To trust certificates issued by FortiClient EMS To update FortiClient client certificates.
Which two statements are true about ZTNA? (Choose two.) ZTNA provides role-based access ZTNA manages access for remote users only ZTNA manages access through the client only ZTNA provides a security posture check.
What does FortiClient do as a fabric agent? (Choose two.) Provides application inventory Provides IOC verdicts Automates Responses Creates dynamic policies.
Which component or device shares ZTNA tag information through Security Fabric integration? FortiClient EMS FortiGate FortiGate Access Proxy FortiClient.
An administrator is required to maintain a software vulnerability on the endpoints, without showing the feature on the FortiClient dashboard. What must the administrator do to achieve this requirement? Disable select the vulnerability scan feature in the deployment package Use the default endpoint profile Select the vulnerability scan feature in the deployment package, but disable the feature on the endpoint profile Click the hide icon on the vulnerability scan tab.
Refer to the exhibit.
Which shows FortiClient EMS deployment profiles.
When an administrator creates a deployment profile on FortiClient EMS, which statement about the
deployment profile is true? Deployment-1 will install FortiClient on new AD group endpoints Deployment-2 will install FortiClient on both the AD group and workgroup Deployment-2 will upgrade FortiClient on both the AD group and workgroup Deployment-1 will upgrade FortiClient only on the workgroup.
An administrator needs to connect FortiClient EMS as a fabric connector to FortiGate. What is the prerequisite to get FortiClient EMS to connect to FortiGate successfully? Revoke and update the FortiClient EMS root CA. Revoke and update the FortiClient client certificate on EMS. Import and verify the FortiClient client certificate on FortiGate Import and verify the FortiClient EMS root CA certificate on FortiGate.
Refer to the exhibit.
Based on the FortiClient logs shown in the exhibit which endpoint profile policy is currently applied to the FortiClient endpoint from the EMS server? Default Compliance rules default Fortinet-Training Default configuration policy.
Refer to the exhibit.
Based on the settings shown in the exhibit, which action will FortiClient take when users try to access www.facebook.com? FortiClient will allow access to Facebook FortiClient will monitor only the user's web access to the Facebook website FortiClient will block access to Facebook and its subdomains FortiClient will prompt a warning message to warn the user before they can access the Facebook
website.
Refer to the exhibit.
Which shows the output of the ZTNA traffic log on FortiGate.
What can you conclude from the log message? The remote user connection does not match the explicit proxy policy The remote user connection does not match the ZTNA server configuration The remote user connection does not match the ZTNA rule configuration The remote user connection does not match the ZTNA firewall policy.
Refer to the exhibits.
Which show the Zero Trust Tag Monitor and the FortiClient GUI status.
Remote-Client is tagged as Remote-Users on the FortiClient EMS Zero Trust Tag Monitor.
What must an administrator do to show the tag on the FortiClient GUI? Update tagging rule logic to enable tag visibility Change the FortiClient system settings to enable tag visibility Change the endpoint control setting to enable tag visibility Change the user identity settings to enable tag visibility.
Which two third-party tools can an administrator use to deploy FortiClient? (Choose two.) Microsoft Windows Installer Microsoft SCCM Microsoft Active Directory GPO QR code generator.
Which security fabric component sends a notification to quarantine an endpoint after IOC detection in the automation process? FortiAnalyzer FortiClient ForbClient EMS FortiGate.
What is the function of the quick scan option on FortiClient? It scans executable files, DLLs, and drivers that are currently running, for threats It scans programs and drivers that are currently running, for threats. It allows users to select a specific file folder on their local hard disk drive (HDD), to scan for threats It performs a full system scan including all files, executable files, DLLs, and drivers for threats.
When site categories are disabled in FortiClient webfilter and antivirus (malicious websites), which feature can be used to protect the endpoint from malicious web access? Web exclusion list Real-time protection list Block malicious websites on antivirus FortiSandbox URL list.
Which two benefits are benefits of using multi-tenancy mode on FortiClient EMS? (Choose two.) The fabric connector must use an IP address to connect to FortiClient EMS It provides granular access and segmentation. Licenses are shared among sites Separate host servers manage each site.
Which two statements are true about the ZTNA rule? (Choose two. ) It enforces access control It redirects the client request to the access proxy It defines the access proxy It applies security profiles to protect traffic.
Refer to the exhibit.
Based on the CLI output from FortiGate. which statement is true? FortiGate is configured to pull user groups from FortiClient EMS FortiGate is configured with local user group FortiGate is configured to pull user groups from FortiAuthenticator FortiGate is configured to pull user groups from AD Server.
Refer to the exhibit.
Based on the settings shown in the exhibit what action will FortiClient take when it detects that a user is trying to download an infected file? Blocks the infected files as it is downloading Quarantines the infected files and logs all access attempts Sends the infected file to FortiGuard for analysis Allows the infected file to download without scan.
An administrator deploys a FortiClient installation through the Microsoft AD group policy After installation is complete all the custom configuration is missing. What could have caused this problem? The FortiClient exe file is included in the distribution package The FortiClient MST file is missing from the distribution package FortiClient does not have permission to access the distribution package. The FortiClient package is not assigned to the group.
Refer to the exhibits.
Based on the FortiGate Security Fabric settings shown in the exhibits, what must an administrator do on the EMS server to successfully quarantine an endpoint. when it is detected as a compromised host (loC)? The administrator must enable remote HTTPS access to EMS. The administrator must enable FQDN on EMS. The administrator must authorize FortiGate on FortiAnalyzer The administrator must enable SSH access to EMS.
Which statement about FortiClient comprehensive endpoint protection is true? It helps to safeguard systems from email spam It helps to safeguard systems from data loss. It helps to safeguard systems from DDoS. lt helps to safeguard systems from advanced security threats, such as malware.
Refer to the exhibit.
Based on the Security Fabric automation settings, what action will be taken on compromised endpoints? Endpoints will be quarantined through EMS Endpoints will be banned on FortiGate An email notification will be sent for compromised endpoints Endpoints will be quarantined through FortiSwitch.
In a FortiSandbox integration, what does the remediation option do? Wait for FortiSandbox results before allowing files Exclude specified files Alert and notify only Deny access to a file when it sees no results.
Which two VPN types can a FortiClient endpoint user inmate from the Windows command prompt? (Choose two) L2TP PPTP IPSEC SSLVPN.
Refer to the exhibit.
An administrator has restored the modified XML configuration file to FortiClient and sees the error shown in the exhibit.
Based on the XML settings shown in the exhibit, what must the administrator do to resolve the issue with the XML configuration file? The administrator must resolve the XML syntax error. The administrator must use a password to decrypt the file The administrator must change the file size The administrator must save the file as FortiClient-config conf.
An administrator is required to maintain a software inventory on the endpoints. without showing the feature on the FortiClient dashboard What must the administrator do to achieve this requirement? The administrator must use default endpoint profile The administrator must not select the vulnerability scan feature in the deployment package. The administrator must select the vulnerability scan feature in the deployment package, but disable
the feature on the endpoint profile The administrator must click the hide icon on the vulnerability scan tab.
Which statement about FortiClient enterprise management server is true? It provides centralized management of FortiGate devices. lt provides centralized management of multiple endpoints running FortiClient software. It provides centralized management of FortiClient Android endpoints only It provides centralized management of Chromebooks running real-time protection.
Refer to the exhibit.
Based on the settings shown in the exhibit which statement about FortiClient behavior is true? FortiClient quarantines infected files and reviews later, after scanning them. FortiClient blocks and deletes infected files after scanning them. FortiClient scans infected files when the user copies files to the Resources folder FortiClient copies infected files to the Resources folder without scanning them.
Refer to the exhibit.
Based on the FortiClient logs shown in the exhibit which application is blocked by the application firewall? Twitter Facebook Internet Explorer Firefox.
An administrator installs FortiClient on Windows Server.
What is the default behavior of real-time protection control? Real-time protection must update AV signature database Real-time protection sends malicious files to FortiSandbox when the file is not detected locally Real-time protection is disabled Real-time protection must update the signature database from FortiSandbox.
Real-time protection must update the signature database from FortiSandbox Proxy scan Full scan Custom scan Flow scan Quick scan.
Which component or device shares device status information through ZTNA telemetry? FortiClient FortiGate FortiGate Access Proxy FortiClient EMS.
Refer to the exhibits, which show a network topology diagram of ZTNA proxy access and the ZTNA rule configuration.
An administrator runs the diagnose endpoint record list CLI command on FortiGate to check Remote-
Client endpoint information, however Remote-Client is not showing up in the endpoint record list.
What is the cause of this issue? Remote-Client failed the client certificate authentication. Remote-Client provided an empty client certificate to connect to the ZTNA access proxy Remote-Client has not initiated a connection to the ZTNA access proxy. Remote-Client provided an invalid certificate to connect to the ZTNA access proxy.
Refer to the exhibit, which shows the endpoint summary information on FortiClient EMS.
What two conclusions can you make based on the Remote-Client status shown above? (Choose two.) The endpoint is classified as at risk. The endpoint has been assigned the Default endpoint policy. The endpoint is configured to support FortiSandbox. The endpoint is currently off-net.
Refer to the exhibit, which shows the Zero Trust Tagging Rule Set configuration.
Which two statements about the rule set are true? (Choose two.) The endpoint must satisfy that only Windows 10 is running. The endpoint must satisfy that only AV software is installed and running. The endpoint must satisfy that antivirus is installed and running and Windows 10 is running The endpoint must satisfy that only Windows Server 2012 R2 is running.
Refer to the exhibits.
Which shows the configuration of endpoint policies.
Based on the configuration, what will happen when someone logs in with the user account student on
an endpoint in the trainingAD domain? FortiClient EMS will assign the Sales policy FortiClient EMS will assign the Training policy FortiClient EMS will assign the Default policy FortiClient EMS will assign the Training policy for on-fabric endpoints and the Sales policy for the offfabric
endpoint.
Refer to the exhibit.
Based on the settings shown in the exhibit, which two actions must the administrator take to make the endpoint compliant? (Choose two.) Enable the webfilter profile Integrate FortiSandbox for infected file analysis Patch applications that have vulnerability rated as high or above Run Calculator application on the endpoint.
An administrator has a requirement to add user authentication to the ZTNA access for remote or offfabric users Which FortiGate feature is required m addition to ZTNA? FortiGate FSSO FortiGate certificates FortiGate explicit proxy FortiGate endpoint control.
What action does FortiClient anti-exploit detection take when it detects exploits? Terminates the compromised application process Blocks memory allocation to the compromised application process Patches the compromised application process Deletes the compromised application process.
Refer to the exhibit.
Which shows multiple endpoint policies on FortiClient EMS.
Which policy is applied to the endpoint in the AD group trainingAD? The Sales policy The Training policy Both the Sales and Training policies because their priority is higher than the Default policy The Default policy because it has the highest priority.
Refer to the exhibit.
Based on the FortiClient log details shown in the exhibit, which two statements are true? (Choose two.) The filename is Unconfirmed 899290 .crdownload. The file status is Quarantined The filename is sent to ForuSandbox for further inspection The file location IS \??\D:\Users\.
Refer to the exhibit.
Based on the logs shown in the exhibit, why did FortiClient EMS fail to install FortiClient on the endpoint? The remote registry service is not running The Windows installer service is not running The task scheduler service is not running The FortiClient antivirus service is not running.
An administrator installs FortiClient EMS in the enterprise.
Which component is responsible for enforcing protection and checking security posture? FortiClient vulnerability scan FortiClient EMS tags FortiClient EMS FortiClient.
Which three features does FortiClient endpoint security include? (Choose three.) L2TP IPSEC DLP Vulnerability management Real-time protection.
A new chrome book is connected in a school's network.
Which component can the EMS administrator use to manage the FortiClient web filter extension installed on the Google Chromebook endpoint? FortiClient customer URL list FortiClient web filter extension FortiClient EMS FortiClient site categories.
A FortiClient EMS administrator has enabled the compliance rule for the sales department. Which Fortinet device will enforce compliance with dynamic access control? FortiClient FortiClient EMS FortiGate FortiAnalyzer.
|
