Black Friday Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70percent

Fortinet NSE7_ZTA-7.2 Fortinet NSE 7 - Zero Trust Access 7.2 Exam Practice Test

Demo: 9 questions
Total 30 questions

Fortinet NSE 7 - Zero Trust Access 7.2 Questions and Answers

Question 1

Exhibit.

Which port group membership should you enable on FortiNAC to isolate rogue hosts'?

Options:

A.

Forced Authentication

B.

Forced Registration

C.

Forced Remediation

D.

Reset Forced Registration

Question 2

exhibit.

User student is not able to log in to SSL VPN

Given the output showing a real-time debug: which statement describes the login failure?

Options:

A.

Unable to verify chain of trust for the peer certificate

B.

CN does not match the user peer configuration

C.

student is not part of the usergroup SSL_VPN_Users.

D.

Client certificate has expired

Question 3

Which one of the supported communication methods does FortiNAC usefor initial device identification during discovery?

Options:

A.

LLDP

B.

SNMP

C.

API

D.

SSH

Question 4

An administrator is trying to create a separate web tittering profile for off-fabric and on-fabric clients and push it to managed FortiClient devices

Where can you enable this feature on FortiClient EMS?

Options:

A.

Endpoint policy

B.

ZTNA connection rules

C.

System settings

D.

On-fabric rule sets

Question 5

What are the three core principles of ZTA? (Choose three.)

Options:

A.

Verity

B.

Be compliant

C.

Certify

D.

Minimal access

E.

Assume breach

Question 6

With the increase in loT devices, which two challenges do enterprises face? (Choose two.)

Options:

A.

Bandwidth consumption due to added overhead of loT

B.

Maintaining a high performance network

C.

Unpatched vulnerabilities in loT devices

D.

Achieving full network visibility

Question 7

Which method is used to install passive agent on an endpoint?

Options:

A.

Deployed by using a login/logout script

B.

Agent is downloaded from Playstore

C.

Agent is downloaded and run from captive portal

D.

Installed by user or deployment tools

Question 8

An administrator has to configure LDAP authentication tor ZTNA HTTPS access proxy Which authentication scheme can the administrator apply1?

Options:

A.

Basic

B.

Form-based

C.

Digest

D.

NTLM

Question 9

Which statement is true regarding a FortiClient quarantine using FortiAnalyzer playbooks?

Options:

A.

FortiGate sends a notification to FortiClient EMS to quarantine the endpoint

B.

FortiAnalyzer discovers malicious activity in the logs and notifies FortiGate

C.

FortiAnalyzer sends an API to FortiClient EMS to quarantine the endpoint

D.

FortiClient sends logs to FortiAnalyzer

Demo: 9 questions
Total 30 questions