Summer Special Limited Time 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 60certs

Fortinet NSE7_ZTA-7.2 Dumps

Fortinet NSE 7 - Zero Trust Access 7.2 Questions and Answers

Question 1

Which factor is a prerequisite on FortiNAC to add a Layer 3 router to its inventory?

Options:

A.

Allow HTTPS access from the router to the FortiNAC ethO IP address

B.

Allow FTP access to the FortiNAC database from the router

C.

The router responding to ping requests from the FortiNAC eth1 IP address

D.

SNMP or CLI access to the router to carry out remote tasks

Question 2

With the increase in loT devices, which two challenges do enterprises face? (Choose two.)

Options:

A.

Bandwidth consumption due to added overhead of loT

B.

Maintaining a high performance network

C.

Unpatched vulnerabilities in loT devices

D.

Achieving full network visibility

Question 3

Which three core products are mandatory in the Fortinet ZTNA solution'' {Choose three.)

Options:

A.

FortiClient EMS

B.

FortiClient

C.

FortiToken

D.

FortiGate

E.

FortiAuthenticator

Question 4

Which two statements are true regarding certificate-based authentication for ZTNA deployment? (Choose two.)

Options:

A.

FortiGate signs the client certificate submitted by FortiClient.

B.

The default action for empty certificates is block

C.

Certificate actions can be configured only on the FortiGate CLI

D.

Client certificate configuration is a mandatory component for ZTNA

Question 5

Which two types of configuration can you associate with a user/host profile on FortiNAC? (Choose two.)

Options:

A.

Service Connectors

B.

Network Access

C.

Inventory

D.

Endpoint compliance

Question 6

Which method is used to install passive agent on an endpoint?

Options:

A.

Deployed by using a login/logout script

B.

Agent is downloaded from Playstore

C.

Agent is downloaded and run from captive portal

D.

Installed by user or deployment tools

Question 7

Which statement is true about disabled hosts on FortiNAC?

Options:

A.

They are quarantined and placed in the remediation VLAN

B.

They are placed in the authentication VLAN to reauthenticate

C.

They are marked as unregistered rogue devices

D.

They are placed in the dead end VLAN

Question 8

FortiNAC has alarm mappings configured for MDM compliance failure, and FortiClient EMS is added as a MDM connector When an endpoint is quarantined by FortiClient EMS, what action does FortiNAC perform?

Options:

A.

The host is isolated in the registration VLAN

B.

The host is marked at risk

C.

The host is forced to authenticate again

D.

The host is disabled

Question 9

Which configuration is required for FortiNAC to perform an automated incident response based on the FortiGate traffic?

Options:

A.

FortiNAC should be added as a participant in the Security Fabric

B.

FortiNAC requires read-write SNMP access to FortiGate.

C.

FortiNAC should be configured as a syslog server on FortiGate

D.

FortiNAC requires HTTPS access to FortiGate for API calls