Fortinet NSE6_FNC-7.2 Study Guide Archives Updated on Apr 19, 2024
Download NSE6_FNC-7.2 Mock Test Study Material
Fortinet NSE6_FNC-7.2 Exam Syllabus Topics:
| Topic | Details |
|---|---|
| Topic 1 |
|
| Topic 2 |
|
| Topic 3 |
|
| Topic 4 |
|
| Topic 5 |
|
| Topic 6 |
|
| Topic 7 |
|
NEW QUESTION # 12
Where do you look to determine which network access policy, if any is being applied to a particular host?
- A. The Connections view
- B. The Port Properties view of the hosts port
- C. The Policy Details view for the host
- D. The Policy Logs view
Answer: C
Explanation:
FortiNAC p 382: "Under Network Access Settings - Policy Name - Name of the Network Access Policy that currently applies to the host."
NEW QUESTION # 13
Where should you configure MAC notification traps on a supported switch?
- A. Configure them only after you configure linkup and linkdown traps.
- B. Configure them on all ports except uplink ports.
- C. Configure them on all ports on the switch.
- D. Configure them only on ports set as 802 1g trunks.
Answer: B
NEW QUESTION # 14
What would happen if a port was placed in both the Forced Registration and the Forced Remediation port groups?
- A. Both enforcement groups cannot contain the same port.
- B. Only rogue hosts would be impacted.
- C. Only al-risk hosts would be impacted.
- D. Both types of enforcement would be applied.
Answer: A
NEW QUESTION # 15
Which command line shell and scripting language does FortiNAC use for WinRM?
- A. DOS
- B. Powershell
- C. Bash
- D. Linux
Answer: B
NEW QUESTION # 16
Which system group will force at-risk hosts into the quarantine network, based on point of connection?
- A. Forced Quarantine
- B. Physical Address Filtering
- C. Forced Isolation
- D. Forced Remediation
Answer: C
NEW QUESTION # 17
What would occur if both an unknown (rogue) device and a known (trusted) device simultaneously appeared on a port that is a member of the Forced Registration port group?
- A. The port would not be managed, and an event would be generated.
- B. The port would be administratively shut down.
- C. The port would be provisioned for the normal state host, and both hosts would have access to that VLAN.
- D. The port would be provisioned to the registration network, and both hosts would be isolated.
Answer: C
NEW QUESTION # 18
Refer to the exhibit.
Considering the host status of the two hosts connected to the same wired port, what will happen if the port is a member of the Forced Registration port group?
- A. The port will be provisioned to the registration network, and both hosts will be isolated.
- B. The port will not be managed, and an event will be generated.
- C. The port will be provisioned for the normal state host, and both hosts will have access to that VLAN.
- D. The port will be administratively shut down.
Answer: A
NEW QUESTION # 19
Refer to the exhibit.
If you are forcing the registration of unknown (rogue) hosts, and an unknown (rogue) host connects to a port on the switch, what will occur?
- A. No VLAN change is performed
- B. The host is moved to VLAN 111.
- C. The host is disabled.
- D. The host is moved to a default isolation VLAN.
Answer: A
NEW QUESTION # 20
When FortiNAC passes a firewall tag to FortiGate, what determines the value that is passed?
- A. RADIUS group attribute
- B. Security rule
- C. Logical network
- D. Device profiling rule
Answer: C
NEW QUESTION # 21
While troubleshooting a network connectivity issue, an administrator determines that a device was being automatically provisioned to an incorrect VLAN.
Where would the administrator look to determine when and why FortiNAC made the network access change?
- A. The Port Changes view
- B. The Admin Auditing view
- C. The Event view
- D. The Connections view
Answer: A
NEW QUESTION # 22
Where do you look to determine when and why the FortiNAC made an automated network access change?
- A. The Port Changes view
- B. The Admin Auditing view
- C. The Connections view
- D. The Event view
Answer: D
NEW QUESTION # 23
Which command line shell and scripting language does FortiNAC use for WinRM?
- A. DOS
- B. Powershell
- C. Bash
- D. Linux
Answer: B
Explanation:
Open Windows PowerShell or a command prompt. Run the following command to determine if you already have WinRM over HTTPS configured.
Reference:
Admin Guide on p. 362, "Matches if the device successfully responds to a WinRM client session request. User name and password credentials are required. If there are multiple credentials, each set of credentials will be attempted to find a potential match. The commands are used to automate interaction with the device. Each command is run via Powershell."
NEW QUESTION # 24
What causes a host's state to change to "at risk"?
- A. The host has failed an endpoint compliance policy or admin scan.
- B. The host is not in the Registered Hosts group.
- C. The host has been administratively disabled.
- D. The logged on user is not found in the Active Directory.
Answer: D
NEW QUESTION # 25
Where do you look to determine what network access policy, if any, is being applied to a particular host?
- A. The network access policy configuration
- B. The Policy Details view for the host
- C. The Port Properties view of the hosts port
- D. The Policy Logs view
Answer: D
NEW QUESTION # 26
Which two methods can be used to gather a list of installed applications and application details from a host? (Choose two)
- A. Portal page on-boarding options
- B. Application layer traffic inspection
- C. MDM integration
- D. Agent technology
Answer: A,B
NEW QUESTION # 27
Which system group will force at-risk hosts into the quarantine network, based on point of connection?
- A. Forced Quarantine
- B. Physical Address Filtering
- C. Forced Remediation
- D. Forced Isolation
Answer: A
Explanation:
Forced Quarantine, study guide 7.2 pag 245 and 248
NEW QUESTION # 28
Which agent is used only as part of a login script?
- A. Mobile
- B. Persistent
- C. Dissolvable
- D. Passive
Answer: B
NEW QUESTION # 29
Which two policy types can be created on a FortiNAC Control Manager? (Choose two.)
- A. Endpoint Compliance
- B. Supplicant EasvConnect
- C. Network Access
- D. Authentication
Answer: A,C
NEW QUESTION # 30
Which three communication methods are used by the FortiNAC to gather information from, and control, infrastructure devices? (Choose three)
- A. RADIUS
- B. SMTP
- C. OSNMP
- D. FTP
- E. DCLI
Answer: B,D,E
NEW QUESTION # 31
......
NSE6_FNC-7.2 Questions Prepare with Learning Information: https://www.passcollection.com/NSE6_FNC-7.2_real-exams.html
Practice Material for NSE6_FNC-7.2 Exam Question Preparation: https://drive.google.com/open?id=1ur1adORsXcPvCjmrKUOb-UnNbbmyBFeP
