Tag - NSE7_ZTA-7.2 exam

FortiNAC has alarm mappings configured for MDM compliance failure, and FortiClient EMS is added as a MDM connector. When an endpoint is quarantined by FortiClient EMS, what action does FortiNAC perform?A . The host is isolated in the registration VLANB . The host is marked at riskC . The host...

Exhibit. Based on the ZTNA logs provided, which statement is true?A . The Remote_user ZTNA tag has matched the ZTNA ruleB . An authentication scheme is configuredC . The external IP for ZTNA server is 10 122 0 139.D . Traffic is allowed by firewall policy 1View AnswerAnswer: A Explanation:...

An administrator has to configure LDAP authentication tor ZTNA HTTPS access proxy Which authentication scheme can the administrator apply1?A . BasicB . Form-basedC . DigestD . NTLMView AnswerAnswer: B Explanation: LDAP (Lightweight Directory Access Protocol) authentication for ZTNA (Zero Trust Network Access) HTTPS access proxy is effectively implemented using a...

Exhibit. Which statement is true about the hr endpoint?A . The endpoint is a rogue deviceB . The endpoint is disabledC . The endpoint is unauthenticatedD . The endpoint has been marked at riskView AnswerAnswer: D Explanation: Based on the exhibit showing the status of the hr endpoint, the true...

Which one of the supported communication methods does FortiNAC use for initial device identification during discovery?A . LLDPB . SNMPC . APID . SSHView AnswerAnswer: B Explanation: FortiNAC uses a variety of methods to identify devices on the network, such as Vendor OUI, DHCP fingerprinting, and device profiling12. One of...

What happens when FortiClient EMS is configured as an MDM connector on FortiNAC?A . FortiNAC sends the host data to FortiClient EMS to update its host databaseB . FortiClient EMS verifies with FortiNAC that the device is registeredC . FortiNAC polls FortiClient EMS periodically to update already registered hosts in...

Which two types of configuration can you associate with a user/host profile on FortiNAC? (Choose two.)A . Service ConnectorsB . Network AccessC . InventoryD . Endpoint complianceView AnswerAnswer: B D Explanation: User/host profiles are used to map sets of hosts and users to different types of policies or rules on...

Exhibit. Which port group membership should you enable on FortiNAC to isolate rogue hosts'?A . Forced AuthenticationB . Forced RegistrationC . Forced RemediationD . Reset Forced RegistrationView AnswerAnswer: C Explanation: In FortiNAC, to isolate rogue hosts, you should enable the: C) Forced Remediation: This port group membership is used to...

Which two statements are true regarding certificate-based authentication for ZTNA deployment? (Choose two.) A. FortiGate signs the client certificate submitted by FortiClient. B. The default action for empty certificates is block C. Certificate actions can be configured only on the FortiGate CLI D. Client certificate configuration is a mandatory component...

Which statement is true about disabled hosts on FortiNAC?A . They are quarantined and placed in the remediation VLANB . They are placed in the authentication VLAN to reauthenticateC . They are marked as unregistered rogue devicesD . They are placed in the dead end VLANView AnswerAnswer: A Explanation: They...