CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Fortinet
  5. FCSS_SASE_AD-23

Free FCSS_SASE_AD-23 Exam Braindumps (page: 1)

Page 1 of 9
PDF with 30 Questions

Refer to the exhibits.







A FortiSASE administrator has configured an antivirus profile in the security profile group and applied it to the internet access policy. Remote users are still able to download the eicar.com-zip file from https://eicar.org. Traffic logs show traffic is allowed by the policy.
Which configuration on FortiSASE is allowing users to perform the download?

  1. Web filter is allowing the traffic.
  2. IPS is disabled in the security profile group.
  3. The HTTPS protocol is not enabled in the antivirus profile.
  4. Force certificate inspection is enabled in the policy.

Answer(s): A

Explanation:

Based on the provided exhibits and the configuration details, the reason why users are still able to download the eicar.com-zip file despite having an antivirus profile applied is due to the Web Filter allowing the traffic. Here is the step-by-step detailed explanation:
Web Filtering Logs Analysis:
The logs show that the traffic to the destination port 443 (which is HTTPS) is allowed and the security event triggered is Web Filter.
The log details indicate that the URL belongs to an allowed category in the policy and thus, the traffic is permitted by the Web Filter.
Security Profile Group Configuration:
The Web Filter with Inline-CASB section indicates that the site www.eicar.org is being monitored (93 occurrences) and not blocked.
Since the Web Filter is set to allow traffic from this site, the antivirus profile will not block it because the Web Filter decision takes precedence.
Antivirus Profile Configuration:
Although the antivirus profile is configured, the logs do not show any antivirus actions being triggered. This indicates that the web filter is overriding the antivirus action.
Policy Configuration:
The policy named "Web Traffic" shows that it has logging enabled and is set to accept traffic. The profile group "SIA" applied to this policy includes both Web Filter and Antivirus settings. However, since the Web Filter is allowing the traffic, the antivirus profile does not get the chance to inspect it.


Reference:

FortiGate Security 7.2 Study Guide: Provides details on the precedence of web filtering over antivirus in security profiles.
Fortinet Knowledge Base: Detailed explanation of web filtering and antivirus profiles interaction.



An organization wants to block all video and audio application traffic but grant access to videos from CNN Which application override action must you configure in the Application Control with Inline- CASB?

  1. Allow
  2. Pass
  3. Permit
  4. Exempt

Answer(s): D

Explanation:

To block all video and audio application traffic while granting access to videos from CNN, you need to configure an application override action in the Application Control with Inline-CASB. Here is the step- by-step detailed explanation:
Application Control Configuration:
Application Control is used to identify and manage application traffic based on predefined or custom application signatures.
Inline-CASB (Cloud Access Security Broker) extends these capabilities by allowing more granular control over cloud applications.
Blocking Video and Audio Applications:

To block all video and audio application traffic, you can create a policy within Application Control to deny all categories related to video and audio streaming.
Granting Access to Specific Videos (CNN):
To allow access to videos from CNN specifically, you must create an override rule within the same Application Control profile.
The override action "Exempt" ensures that traffic to specified URLs (such as those from CNN) is not subjected to the blocking rules set for other video and audio traffic.
Configuration Steps:
Navigate to the Application Control profile in the FortiSASE interface. Set the application categories related to video and audio streaming to "Block." Add a new override entry for CNN video traffic and set the action to "Exempt."


Reference:

FortiOS 7.2 Administration Guide: Detailed steps on configuring Application Control and Inline-CASB. Fortinet Training Institute: Provides scenarios and examples of using Application Control with Inline- CASB for specific use cases.



Refer to the exhibits.





When remote users connected to FortiSASE require access to internal resources on Branch-2. how will traffic be routed?

  1. FortiSASE will use the SD-WAN capability and determine that traffic will be directed to HUB-2.
    which will then route traffic to Branch-2.
  2. FortiSASE will use the AD VPN protocol and determine that traffic will be directed to Branch-2 directly, using a static route
  3. FortiSASE will use the SD-WAN capability and determine that traffic will be directed to HUB-1, which will then route traffic to Branch-2.
  4. FortiSASE will use the AD VPN protocol and determine that traffic will be directed to Branch-2 directly, using a dynamic route

Answer(s): C

Explanation:

When remote users connected to FortiSASE require access to internal resources on Branch-2, the following process occurs:
SD-WAN Capability:
FortiSASE leverages SD-WAN to optimize traffic routing based on performance metrics and priorities. In the priority settings, HUB-1 is configured with the highest priority (P1), whereas HUB-2 has a lower priority (P2).
Traffic Routing Decision:
FortiSASE evaluates the available hubs (HUB-1 and HUB-2) and selects HUB-1 due to its highest priority setting.

Once the traffic reaches HUB-1, it is then routed to the appropriate branch based on internal routing policies.
Branch-2 Access:
Since HUB-1 has the highest priority, FortiSASE directs the traffic to HUB-1. HUB-1 then routes the traffic to Branch-2, providing the remote users access to the internal resources.


Reference:

FortiOS 7.2 Administration Guide: Details on SD-WAN configurations and priority settings. FortiSASE 23.2 Documentation: Explains how FortiSASE integrates with SD-WAN to route traffic based on defined priorities and performance metrics.



What are two advantages of using zero-trust tags? (Choose two.)

  1. Zero-trust tags can be used to allow or deny access to network resources
  2. Zero-trust tags can determine the security posture of an endpoint.
  3. Zero-trust tags can be used to create multiple endpoint profiles which can be applied to different endpoints
  4. Zero-trust tags can be used to allow secure web gateway (SWG) access

Answer(s): A,B

Explanation:

Zero-trust tags are critical in implementing zero-trust network access (ZTNA) policies. Here are the two key advantages of using zero-trust tags:
Access Control (Allow or Deny):
Zero-trust tags can be used to define policies that either allow or deny access to specific network resources based on the tag associated with the user or device. This granular control ensures that only authorized users or devices with the appropriate tags can access sensitive resources, thereby enhancing security.
Determining Security Posture:
Zero-trust tags can be utilized to assess and determine the security posture of an endpoint. Based on the assigned tags, FortiSASE can evaluate the device's compliance with security policies, such as antivirus status, patch levels, and configuration settings. Devices that do not meet the required security posture can be restricted from accessing the network or given limited access.


Reference:

FortiOS 7.2 Administration Guide: Provides detailed information on configuring and using zero-trust tags for access control and security posture assessment. FortiSASE 23.2 Documentation: Explains how zero-trust tags are implemented and used within the FortiSASE environment for enhancing security and compliance.



Page 1 of 9



Post your Comments and Discuss Fortinet FCSS_SASE_AD-23 exam with other Community members:

Priest-Son commented on October 24, 2024
helpful questions also in other forums
UNITED STATES
upvote

Simon commented on October 24, 2024
guys waht do you think about this dump?
Anonymous
upvote

Kay commented on October 24, 2024
There's new test updated for network+: N10-009. Hope we could have it soon.
Anonymous
upvote

John Como commented on October 24, 2024
Very helpful
UNITED STATES
upvote

saif Ali commented on October 24, 2024
for Question no 50 The answer would be using lambda vdf as this provides automation
INDIA
upvote

Baghya commented on October 24, 2024
Yeh dumps use kiye aur exam mein pass ho gaya.
INDIA
upvote

Varma commented on October 24, 2024
Thanks team and Thanks to these dumps, I’ve never felt so confident about last-minute prep!
INDIA
upvote

Darko commented on October 24, 2024
Passed! let’s just say these dumps were the secret weapon.
EUROPEAN UNION
upvote

Machoo987 commented on October 24, 2024
Studying wasn’t working, so I turned to these dumps—best decision I made since pizza for breakfast!
UNITED STATES
upvote

Zuby commented on October 24, 2024
Nice Question
UNITED STATES
upvote

Chandara commented on October 24, 2024
I passed with ease, and now I have to explain to my friends how ‘studying’ got me through. hahah
INDIA
upvote

Jack commented on October 24, 2024
Muito bom as perguntas
Anonymous
upvote

Diogo Gomes commented on October 24, 2024
As Muhammad Saleem comented, question 20 is wrong. Entities are found in the Data layer and not in the Interface layer.
UNITED STATES
upvote

Neena commented on October 24, 2024
This dump PDF gets the job done
Anonymous
upvote

test commented on October 24, 2024
good one to go through
Anonymous
upvote

Kamal commented on October 24, 2024
I’m 90% sure I owe my new certification to these dumps, and 10% to coffee. LOL Questions are valid and same in the real exam.
Netherlands
upvote

Maseh commented on October 24, 2024
Who knew cramming could be so effective? These dumps saved me from a meltdown!
EUROPEAN UNION
upvote

Drew commented on October 24, 2024
Used these dumps, nailed the exam—now I’m basically a genius (or close enough).
Australia
upvote

Shawn commented on October 24, 2024
As you must know by now the exam is extremely hard. The only way to pass is to know the questions and answers and I found these dump questions very relevant to actual exam.
Canada
upvote

Vidhi Mishra commented on October 24, 2024
Huge set of Cloud Dital leader exam
Anonymous
upvote

jakir commented on October 24, 2024
its really more help full.
BANGLADESH
upvote

TheUser commented on October 23, 2024
So far seems good
Anonymous
upvote

John commented on October 23, 2024
great insight
BOTSWANA
upvote

nigga commented on October 23, 2024
niggaaaaaaaaaa
CANADA
upvote

Chris commented on October 23, 2024
Is this site currently valid for the AZ-900 exam as of October 23, 2024?
Anonymous
upvote

Rian commented on October 23, 2024
Good night comment
Anonymous
upvote

K commented on October 23, 2024
Good Questions
UNITED STATES
upvote

Jayson commented on October 23, 2024
Can someone confirm if this is for the 7th edition or not?
AUSTRALIA
upvote

anonymus commented on October 23, 2024
master database differential backup is not supported in sql server
EUROPEAN UNION
upvote

Arun commented on October 23, 2024
Very useful for cert
GERMANY
upvote

Brian commented on October 23, 2024
Good questions
Anonymous
upvote

TiVO commented on October 22, 2024
Out of curiosity (I thought the 1101 had 90 questions and the 1102 has 90 questions) which questions exactly on this test rotation or is it random?
Anonymous
upvote

Manish commented on October 22, 2024
This is created a very professional manner with 100% correct answer
Anonymous
upvote

Nikhil commented on October 22, 2024
Nice Dump with good questions!
Anonymous
upvote