Fortinet FCP - FortiClient EMS 7.2 Administrator FCP_FCT_AD-7.2 Exam Practice Test

Answer : B, D

Observation of Compliance Profile:

The compliance profile shown in the exhibit includes rules for vulnerability severity level and running process (Calculator.exe).

Evaluating Actions for Compliance:

To make the endpoint compliant, the administrator needs to ensure that the vulnerability severity level is medium or higher is patched (D).

Additionally, the Calculator.exe application must be running on the endpoint (B).

Eliminating Incorrect Options:

Enabling the web filter profile (A) is not related to the compliance rules shown.

Integrating FortiSandbox (C) is not a requirement in the given compliance profile.

Conclusion:

The correct actions are to run the Calculator application on the endpoint (B) and patch applications with vulnerabilities rated as high or above (D).

FortiClient EMS compliance profile configuration documentation from the study guides.

Answer : C

Requirement Analysis:

The administrator needs to maintain a software vulnerability scan on endpoints without showing the feature on FortiClient.

Evaluating Options:

Disabling the feature in the deployment package or endpoint profile would remove the functionality entirely, which is not desired.

Using the default endpoint profile may not meet the specific requirement of hiding the feature.

Clicking the hide icon on the vulnerability scan profile assigned to the endpoint will keep the feature active but hidden from the user's view.

Conclusion:

The correct action is to click the hide icon on the vulnerability scan profile assigned to the endpoint (C).

FortiClient EMS feature configuration and management documentation from the study guides.

Answer : B

Observation of ZTNA Traffic Log:

The log message indicates that the remote user connection was denied due to failure to match a proxy policy.

Evaluating Log Message:

The message suggests that the connection does not match the existing ZTNA rule configuration, leading to the denial.

Conclusion:

The correct conclusion from the log message is that the remote user connection does not match the ZTNA rule configuration (B).

ZTNA traffic log analysis and configuration documentation from the study guides.

Answer : A

Understanding the Need for Root CA Certificate:

The root CA certificate of FortiClient EMS is necessary for FortiGate to trust certificates issued by FortiClient EMS.

Evaluating Use Cases:

FortiGate needs the root CA certificate to establish trust and validate certificates issued by FortiClient EMS.

Conclusion:

The primary reason FortiGate needs the root CA certificate of FortiClient EMS is to trust certificates issued by FortiClient EMS.

FortiClient EMS and FortiGate certificate management documentation from the study guides.

Answer : A

'The firewall policy matches and redirects client requests to the access proxy VIP' https://docs.fortinet.com/document/fortigate/7.0.0/new-features/194961/basic-ztna-configuration

Answer : B

The anti-exploit detection protects vulnerable endpoints from unknown exploit attacks. FortiClient monitors the behavior of popular applications, such as web browsers (Internet Explorer, Chrome, Firefox, Opera), Java/Flash plug-ins, Microsoft Office applications, and PDF readers, to detect exploits that use zero-day or unpatched vulnerabilities to infect the endpoint. Once detected, FortiClient terminates the compromised application process.

Answer : A

Connecting FortiClient EMS to FortiGate:

The administrator needs to establish a connection between FortiClient EMS and FortiGate as a fabric connector.

Prerequisites for Connection:

A key prerequisite is the import and verification of the FortiClient EMS tool CA certificate on FortiGate to ensure a trusted connection.

Conclusion:

The correct prerequisite for a successful connection is to import and verify the FortiClient EMS tool CA certificate on FortiGate.

FortiClient EMS and FortiGate connection and certificate management documentation from the study guides.