CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Fortinet
  5. FCP_FCT_AD-7.2

Free FCP_FCT_AD-7.2 Exam Braindumps (page: 7)

Page 6 of 15
PDF with 55 Questions

An administrator installs FortiClient EMS in the enterprise.

Which component is responsible for enforcing protection and checking security posture?

  1. FortiClient EMS tags
  2. FortiClient vulnerability scan
  3. FortiClient
  4. FortiClient EMS

Answer(s): C

Explanation:

Understanding FortiClient EMS Components:

FortiClient EMS manages and configures endpoint security settings, while FortiClient installed on the endpoint enforces protection and checks security posture.

Evaluating Responsibilities:

FortiClient performs the actual enforcement of security policies and checks the security posture of the endpoint.

Conclusion:

The component responsible for enforcing protection and checking security posture is FortiClient (C).


Reference:

FortiClient EMS and endpoint security documentation from the study guides.



Refer to the exhibit.



Based on The settings shown in The exhibit, which statement about FortiClient behaviour is Hue?

  1. FortiClient scans infected files when the user copies files to the Resources folder.
  2. FortiClient quarantines infected ties and reviews later, after scanning them.
  3. FortiClient copies infected files to the Resources folder without scanning them.
  4. FortiClient blocks and deletes infected files after scanning them.

Answer(s): A

Explanation:

Based on the settings shown in the exhibit, FortiClient is configured toscan files as they are downloaded or copiedto the system. This means that if a user copies files to the "Resources" folder, which is not listed under exclusions, FortiClient will scan these files for infections. The exclusion path mentioned in the settings, "C:\Users\Administrator\Desktop\Resources", indicates that any files copied to this specific folder will not be scanned, but since the question implies that the "Resources" folder is not the same as the excluded path, FortiClient will indeed scan the files for infections.



What action does FortiClient anti-exploit detection take when it detects exploits?

  1. Deletes the compromised application process
  2. Patches the compromised application process
  3. Blocks memory allocation to the compromised application process
  4. Terminates the compromised application process

Answer(s): D

Explanation:

The anti-exploit detection protects vulnerable endpoints from unknown exploit attacks. FortiClient monitors the behavior of popular applications, such as web browsers (Internet Explorer, Chrome, Firefox, Opera), Java/Flash plug-ins, Microsoft Office applications, and PDF readers, to detect exploits that use zero-day or unpatched vulnerabilities to infect the endpoint. Once detected, FortiClient terminates the compromised application process.



What is the function of the quick scan option on FortiClient?

  1. It scans programs and drivers that are currently running, for threats
  2. It performs a full system scan including all files, executable files. DLLs, and drivers for throats.
  3. It allows users to select a specific file folder on their local hard disk drive (HDD), to scan for threats.
  4. It scans executable files. DLLs, and drivers that are currently running, for threats.

Answer(s): D

Explanation:

Understanding Quick Scan Function:

The quick scan option on FortiClient is designed to scan certain elements of the system quickly for threats.

Evaluating Scan Scope:

The quick scan specifically targets executable files, DLLs, and drivers that are currently running, providing a rapid assessment of the active components of the system.

Conclusion:

The correct answer is D, as it accurately describes the function of the quick scan option on FortiClient.


Reference:

FortiClient scanning options documentation from the study guides.






Post your Comments and Discuss Fortinet FCP_FCT_AD-7.2 exam with other Community members:

FCP_FCT_AD-7.2 Discussions & Posts