Cisco®
CompTIA
Checkpoint
ISC
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk®
Scrum
All Vendors
  2. Home
  3. Exams
  4. Fortinet
  5. NSE6_FNC-7.2

Free NSE6_FNC-7.2 Exam Braindumps (page: 7)

Page 6 of 16
PDF with 57 Questions

Which two things must be done to allow FortiNAC to process incoming syslog messages from an unknown vendor? (Choose two.)

  1. A security event parser must be created for the device.
  2. The device sending the messages must be modeled in the Network Inventory view.
  3. The device must be added as a patch management server.
  4. The device must be added as a log receiver.

Answer(s): A,B

Explanation:

To allow FortiNAC to process incoming syslog messages from an unknown vendor, two steps must be taken:
Creation of a customized event parser: This enables FortiNAC to parse and integrate syslog messages from any vendor or device, as long as the messages are in CSV, CEF, or Tag/Value format. Modeling the device in the Topology view: Any device that sends syslog messages to FortiNAC must be modeled in this view. FortiNAC will not process syslog or trap messages unless the source address belongs to a device modeled in the topology.
Reference
FortiNAC 7.2 Study Guide, pages 428 and 399



Which two methods can be used to gather a list of installed applications and application details from a host? (Choose two.)

  1. Agent technology
  2. Portal page on-boarding options
  3. MDM integration
  4. Application layer traffic inspection

Answer(s): A,C

Explanation:

To gather a list of installed applications and application details from a host, two methods can be used:
Agent technology: FortiNAC uses agent technology to collect all installed applications on an endpoint.
Integration with MDMs (Mobile Device Management systems): M, D, Ms that support application gathering can be integrated with FortiNAC to collect application information.
Reference
FortiNAC 7.2 Study Guide, page 302



Which devices would be evaluated by device profiling rules?

  1. Rogue devices, each time they connect
  2. All hosts, each time they connect
  3. Known trusted devices, each time they change location
  4. Rogue devices, only when they are initially added to the database

Answer(s): B

Explanation:

Device profiling rules in FortiNAC are used to evaluate and classify rogue devices. These rules can be configured to automatically, manually, or through sponsorship evaluate and classify unknown untrusted devices as they are identified and created.
Reference
FortiNAC 7.2 Study Guide, page 98



Which three are components of a security rule? (Choose three.)

  1. Methods
  2. Security String
  3. Trigger
  4. User or host profile
  5. Action

Answer(s): C,D,E

Explanation:

Components of a security rule in FortiNAC include:
Trigger: The condition or event that initiates the evaluation of the rule. User or Host Profile: A requirement that can be added to a rule to specify the user or host profile that must be matched.
Action: The activities or responses that FortiNAC performs when the rule is matched.
Reference
FortiNAC 7.2 Study Guide, page 419






Post your Comments and Discuss Fortinet NSE6_FNC-7.2 exam with other Community members:

Exam Discussions & Posts