Winter Special Flat 65% Limited Time Discount offer - Ends in 0d 00h 00m 00s - Coupon code: suredis

Certensure Logo
  1. Home
  2. Fortinet
  3. NSE 6 Network Security Specialist
  4. NSE6_FAC-6.1 - Fortinet NSE 6 - FortiAuthenticator 6.1

Fortinet NSE6_FAC-6.1 Fortinet NSE 6 - FortiAuthenticator 6.1 Exam Practice Test

Demo: 9 questions
Total 30 questions
Get NSE6_FAC-6.1 Full Access Download NSE6_FAC-6.1 PDF

Fortinet NSE 6 - FortiAuthenticator 6.1 Questions and Answers

Question 1

You are a FortiAuthenticator administrator for a large organization. Users who are configured to use FortiToken 200 for two-factor authentication can no longer authenticate. You have verified that only the users with two-factor authentication are experiencing the issue.

What can couse this issue?

Options:

A.

On of the FortiAuthenticator devices in the active-active cluster has failed

B.

FortiAuthenticator has lose contact with the FortiToken Cloud servers

C.

FortiToken 200 licence has expired

D.

Time drift between FortiAuthenticator and hardware tokens

Question 2

How can a SAML metada file be used?

Options:

A.

To defined a list of trusted user names

B.

To import the required IDP configuration

C.

To correlate the IDP address to its hostname

D.

To resolve the IDP realm for authentication

Question 3

Which three of the following can be used as SSO sources? (Choose three)

Options:

A.

FortiClient SSO Mobility Agent

B.

SSH Sessions

C.

FortiAuthenticator in SAML SP role

D.

Fortigate

E.

RADIUS accounting

Question 4

Which network configuration is required when deploying FortiAuthenticator for portal services?

Options:

A.

FortiAuthenticator must have the REST API access enable on port1

B.

One of the DNS servers must be a FortiGuard DNS server

C.

Fortigate must be setup as default gateway for FortiAuthenticator

D.

Policies must have specific ports open between FortiAuthenticator and the authentication clients

Question 5

Which two types of digital certificates can you create in Fortiauthenticator? (Choose two)

Options:

A.

Usercertificate

B.

Organization validation certificate

C.

Third-party root certificate

D.

Local service certificate

Question 6

Which statement about the guest portal policies is true?

Options:

A.

Guest portal policies apply only to authentication requests coming from unknown RADIUS clients

B.

Guest portal policies can be used only for BYODs

C.

Conditions in the policy apply only to guest wireless users

D.

All conditions in the policy must match before a user is presented with the guest portal

Question 7

What happens when a certificate is revoked? (Choose two)

Options:

A.

Revoked certificates cannot be reinstated for any reason

B.

All certificates signed by a revoked CA certificate are automatically revoked

C.

Revoked certificates are automatically added to the CRL

D.

External CAs will priodically query Fortiauthenticator and automatically download revoked certificates

Question 8

Which two SAML roles can Fortiauthenticator be configured as? (Choose two)

Options:

A.

Idendity provider

B.

Principal

C.

Assertion server

D.

Service provider

Question 9

Which two capabilities does FortiAuthenticator offer when acting as a self-signed or local CA? (Choose two)

Options:

A.

Validating other CA CRLs using OSCP

B.

Importing other CA certificates and CRLs

C.

Merging local and remote CRLs using SCEP

D.

Creating, signing, and revoking of X.509 certificates

Load More NSE6_FAC-6.1 Questions
Demo: 9 questions
Total 30 questions
Get NSE6_FAC-6.1 Full Access Download NSE6_FAC-6.1 PDF