New Year Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70special

Fortinet NSE6_FNC-9.1 Fortinet NSE 6 - FortiNAC 9.1 Exam Practice Test

Fortinet NSE 6 - FortiNAC 9.1 Questions and Answers

Testing Engine

  • Product Type: Testing Engine
$37.5  $124.99

PDF Study Guide

  • Product Type: PDF Study Guide
$33  $109.99
Question 1

Which system group will force at-risk hosts into the quarantine network, based on point of connection?

Options:

A.

Physical Address Filtering

B.

Forced Quarantine

C.

Forced Isolation

D.

Forced Remediation

Question 2

What causes a host's state to change to "at risk"?

Options:

A.

The host has failed an endpoint compliance policy or admin scan.

B.

The logged on user is not found in the Active Directory.

C.

The host has been administratively disabled.

D.

The host is not in the Registered Hosts group.

Question 3

Refer to the exhibit.

If a host is connected to a port in the Building 1 First Floor Ports group, what must also be true to match this user/host profile?

Options:

A.

The host must have a role value of contractor, an installed persistent agent or a security access value of contractor, and be connected between 6 AM and 5 PM.

B.

The host must have a role value of contractor or an installed persistent agent, a security access value of contractor, and be connected between 9 AM and 5 PM.

C.

The host must have a role value of contractor or an installed persistent agent and a security access value of contractor, and be connected between 6 AM and 5 PM.

D.

The host must have a role value of contractor or an installed persistent agent or a security access value of contractor, and be connected between 6 AM and 5 PM.

Question 4

How are logical networks assigned to endpoints?

Options:

A.

Through device profiling rules

B.

Through network access policies

C.

Through Layer 3 polling configurations

D.

Through FortiGate IPv4 policies

Question 5

Where do you look to determine which network access policy, if any is being applied to a particular host?

Options:

A.

The Policy Details view for the host

B.

The Connections view

C.

The Port Properties view of the hosts port

D.

The Policy Logs view

Question 6

View the command and output shown in the exhibit.

What is the current state of this host?

Options:

A.

Rogue

B.

Registered

C.

Not authenticated

D.

At-Risk

Question 7

Which two policy types can be created on a FortiNAC Control Manager? (Choose two.)

Options:

A.

Authentication

B.

Network Access

C.

Endpoint Compliance

D.

Supplicant EasvConnect

Question 8

Which two of the following are required for endpoint compliance monitors? (Choose two.)

Options:

A.

Persistent agent

B.

Logged on user

C.

Security rule

D.

Custom scan

Question 9

In a wireless integration, what method does FortiNAC use to obtain connecting MAC address information?

Options:

A.

SNMP traps

B.

RADIUS

C.

Endstation traffic monitoring

D Link traps

Question 10

Which agent can receive and display messages from FortiNAC to the end user?

Options:

A.

Dissolvable

B.

Persistent

C.

Passive

D.

MDM

Question 11

Refer to the exhibit.

What would happen if the highlighted port with connected hosts was placed in both the Forced Registration and Forced Remediation port groups?

Options:

A.

Multiple enforcement groups could not contain the same port.

B.

Only the higher ranked enforcement group would be applied.

C.

Both types of enforcement would be applied.

D.

Enforcement would be applied only to rogue hosts.

Question 12

View the command and output.

What is the state of database replication?

Options:

A.

Secondary to primary synchronization failed.

B.

Primary to secondary synchronization failed.

C.

Secondary to primary synchronization was successful.

D.

Primary to secondary database synchronization was successful.

Question 13

With enforcement for network access policies and at-risk hosts enabled, what will happen if a host matches a network access policy and has a state of "at risk"?

Options:

A.

The host is provisioned based on the default access defined by the point of connection.

B.

The host is provisioned based on the network access policy.

C.

The host is isolated.

D.

The host is administratively disabled.

Question 14

An administrator wants the Host At Risk event to generate an alarm. What is used to achieve this result?

Options:

A.

A security trigger activity

B.

A security filter

C.

An event to alarm mapping

D.

An event to action mapping