Summer Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: ecus65

Fortinet NSE6_FNC-7.2 - Fortinet NSE 6 - FortiNAC 7.2

Page: 1 / 2
Total 57 questions

Which two methods can be used to gather a list of installed applications and application details from a host? (Choose two.)

A.

Agent technology

B.

Portal page on-boarding options

C.

MDM integration

D.

Application layer traffic inspection

What capability do logical networks provide?

A.

Point of access-base autopopulation of device groups'

B.

Interactive topology view diagrams

C.

Application of different access values from a single access policy

D.

IVLAN -based inventory reporting

What agent is required in order to detect an added USB drive?

A.

Persistent

B.

Dissolvable

C.

Mobile

D.

Passive

By default, if more than 20 hosts are seen connected on a single port simultaneously, what will happen to the port?

A.

The port is switched into the Dead-End VLAN.

B.

The port becomes a threshold uplink.

C.

The port is disabled.

D.

The port is added to the Forced Registration group.

An administrator is configuring FortiNAC to manage FortiGate VPN users. As part of the configuration, the administrator must configure a few FortiGate firewall policies.

What is the purpose of the FortiGate firewall policy that applies to unauthorized VPN clients?

A.

To deny access to only the production DNS server

B.

To allow access to only the FortiNAC VPN interface

C.

To allow access to only the production DNS server

D.

To deny access to only the FortiNAC VPN interface

Which two device classification options can register a device automatically and transparently to the end user? (Choose two.)

A.

Dissolvable agent

B.

DotlxAuto Registration

C.

Device importing

D.

MDM integration

E.

Captive portal

Which three of the following are components of a security rule? (Choose three.)

A.

Security String

B.

Methods

C.

Action

D.

User or host profile

E.

Trigger

Two FortiNAC devices have been configured in an HA configuration. After five failed heartbeats between the primary device and secondary device, the primary device fail to ping the designated gateway. What happens next?

A.

The primary device continues to operate as the in-control device and changes the status or secondary device to contact lost.

B.

The primary device changes its designation to secondary, and the secondary device changes to primary.

C.

The primary device shuts down NAC processes and changes to a management down status.

D.

The primary device waits 3 minutes and attempts to re-establish the HA heartbeat before attempting a second ping of the gateway.

What would occur if both an unknown (rogue) device and a known (trusted) device simultaneously appeared on a port that is a member of the Forced Registration port group?

A.

The port would be provisioned for the normal state host, and both hosts would have access to that VLAN.

B.

The port would not be managed, and an event would be generated.

C.

The port would be provisioned to the registration network, and both hosts would be isolated.

D.

The port would be administratively shut down.

Which two are required for endpoint compliance monitors? (Choose two.}

A.

Custom scan

B.

ZTNA agent

C.

Persistent agent

D.

MDM integration