CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Fortinet
  5. NSE6_FAC-6.4

Free NSE6_FAC-6.4 Exam Braindumps (page: 6)

Page 5 of 13
PDF with 47 Questions

Which statement about captive portal policies is true, assuming a single policy has been defined?

  1. Portal policies apply only to authentication requests coming from unknown RADIUS clients
  2. All conditions in the policy must match before a user is presented with the captive portal.
  3. Conditions in the policy apply only to wireless users.
  4. Portal policies can be used only for BYODs.

Answer(s): B

Explanation:

Captive portal policies are used to define the conditions and settings for presenting a captive portal to users who need to authenticate before accessing the network. A captive portal policy consists of a set of conditions and a set of actions. The conditions can be based on various attributes, such as source IP address, MAC address, user group, device type, or RADIUS client. The actions can include redirecting the user to a specific portal, applying a specific authentication method, or assigning a specific VLAN or firewall policy. A single policy can have multiple conditions, and all conditions in the policy must match before a user is presented with the captive portal.


Reference:

https://docs.fortinet.com/document/fortiauthenticator/6.4.0/administration- guide/906179/portal-services#captive-portal-policies



Which interface services must be enabled for the SCEP client to connect to Authenticator?

  1. OCSP
  2. REST API
  3. SSH
  4. HTTP/HTTPS

Answer(s): D

Explanation:

HTTP/HTTPS are the interface services that must be enabled for the SCEP client to connect to FortiAuthenticator. SCEP stands for Simple Certificate Enrollment Protocol, which is a method of requesting and issuing digital certificates over HTTP or HTTPS. FortiAuthenticator supports SCEP as a certificate authority (CA) and can process SCEP requests from SCEP clients. To enable SCEP on FortiAuthenticator, the HTTP or HTTPS service must be enabled on the interface that receives the SCEP requests.


Reference:

https://docs.fortinet.com/document/fortiauthenticator/6.4.0/administration- guide/906179/certificate-management#scep



Which statement about the assignment of permissions for sponsor and administrator accounts is true?

  1. Only administrator accounts permissions are assigned using admin profiles.
  2. Sponsor permissions are assigned using group settings.
  3. Administrator capabilities are assigned by applying permission sets to admin groups.
  4. Both sponsor and administrator account permissions are assigned using admin profiles.

Answer(s): D

Explanation:

Both sponsor and administrator account permissions are assigned using admin profiles. An admin profile is a set of permissions that defines what actions an administrator or a sponsor can perform on FortiAuthenticator. An admin profile can be assigned to an admin group or an individual admin user. A sponsor is a special type of admin user who can create and manage guest accounts on behalf of other users.


Reference:

https://docs.fortinet.com/document/fortiauthenticator/6.4.0/administration- guide/906179/administrators#admin-profiles



Which two protocols are the default management access protocols for administrative access for FortiAuthenticator? (Choose two)

  1. Telnet
  2. HTTPS
  3. SSH
  4. SNMP

Answer(s): B,C

Explanation:

HTTPS and SSH are the default management access protocols for administrative access for FortiAuthenticator. HTTPS allows administrators to access the web-based GUI of FortiAuthenticator using a web browser and a secure connection. SSH allows administrators to access the CLI of FortiAuthenticator using an SSH client and an encrypted connection. Both protocols require the administrator to enter a valid username and password to log in.


Reference:

https://docs.fortinet.com/document/fortiauthenticator/6.4.0/administration-

guide/906179/system-settings#management-access






Post your Comments and Discuss Fortinet NSE6_FAC-6.4 exam with other Community members:

NSE6_FAC-6.4 Exam Discussions & Posts