Fortinet NSE5_FCT-7.0 Exam Questions Instant Access

Question 1

Refer to the exhibit.

Based on the logs shown in the exhibit, why did FortiClient EMS fail to install FortiClient on the endpoint?

AThe remote registry service is not running

BThe Windows installer service is not running

CThe task scheduler service is not running.

DThe FortiClient antivirus service is not running

Answer : C

https://community.fortinet.com/t5/FortiClient/Technical-Note-FortiClient-fails-to-install-from-FortiClient-EMS/ta-p/193680 The deployment service error message may be caused by any of the following. Try eliminating them all, one at a time. 1. Wrong username or password in the EMS profile 2. Endpoint is unreachable over the network 3. Task Scheduler service is not running 4. Remote Registry service is not running 5. Windows firewall is blocking connection

Question 2

Refer to the exhibit.

Based on the settings shown in the exhibit what action will FortiClient take when it detects that a user is trying to download an infected file?

ABlocks the infected files as it is downloading

BQuarantines the infected files and logs all access attempts

CSends the infected file to FortiGuard for analysis

DAllows the infected file to download without scan

Answer : D

Block Malicious Website has nothing to do with infected files. Since Realtime Protection is OFF, it will be allowed without being scanned.

Question 3

Refer to the exhibits, which show a network topology diagram of ZTNA proxy access and the ZTNA rule configuration.

An administrator runs the diagnose endpoint record list CLI command on FortiGate to check Remote-Client endpoint information, however Remote-Client is not showing up in the endpoint record list.

What is the cause of this issue?

ARemote-Client failed the client certificate authentication.

BRemote-Client provided an empty client certificate to connect to the ZTNA access proxy.

CRemote-Client has not initiated a connection to the ZTNA access proxy.

DRemote-Client provided an invalid certificate to connect to the ZTNA access proxy.

Answer : A

'You can use CLI Command [...] to verify the presence of matching endpoint record [...] If any of the Information is missing or incomplete, client certificate authentication might fail because FortiClient cannot locate corresponding endpoint entry.' There is probably a typo there and it should read: 'because FortiGate cannot locate corresponding endpoint entry.' --> see Admin guide for 'endpoint record list' and CLI command in that context. https://docs.fortinet.com/document/fortigate/7.4.0/administration-guide/25915/establish-device-identity-and-trust-context-with-forticlient-ems

Question 4

Refer to the exhibit.

Based on the settings shown in the exhibit, which two actions must the administrator take to make the endpoint compliant? (Choose two.)

AEnable the webfilter profile

BIntegrate FortiSandbox for infected file analysis

CPatch applications that have vulnerability rated as high or above

DRun Calculator application on the endpoint

Answer : C, D

Question 5

Which two VPN types can a FortiClient endpoint user inmate from the Windows command prompt? (Choose two)

AL2TP

BPPTP

CIPSec

DSSL VPN

Answer : C, D

Question 6

An administrator needs to connect FortiClient EMS as a fabric connector to FortiGate. What is the prerequisite to get FortiClient EMS to connect to FortiGate successfully?

ARevoke and update the FortiClient EMS root CA.

BRevoke and update the FortiClient client certificate on EMS.

CImport and verify the FortiClient client certificate on FortiGate.

DImport and verify the FortiClient EMS root CA certificate on FortiGate

Answer : D

The FortiClient EMS root CA certificate needs to be imported and verified on the FortiGate appliance. This allows the FortiGate to trust the certificate authority (CA) used by FortiClient EMS for issuing client certificates. By importing and verifying the root CA certificate, FortiGate can establish a secure connection with FortiClient EMS and validate the authenticity of the client certificates presented during the connection process.

Question 7

Which two statements are true about ZTNA? (Choose two.)

AZTNA provides role-based access

BZTNA manages access for remote users only

CZTNA manages access through the client only

DZTNA provides a security posture check

Answer : A, D

Fortinet NSE 5 - FortiClient EMS 7.0 NSE5_FCT-7.0 Exam Questions