Fortinet NSE 5 - FortiClient EMS 7.0 NSE5_FCT-7.0 Exam Questions

Page: 1 / 14
Total 49 questions
Question 1

An administrator configures ZTNA configuration on the FortiGate for remote users. Which statement is true about the firewall policy?



Answer : B

'The firewall policy matches and redirects client requests to the access proxy VIP' https://docs.fortinet.com/document/fortigate/7.0.0/new-features/194961/basic-ztna-configuration


Question 2

Which component or device shares ZTNA tag information through Security Fabric integration?



Answer : A

FortiClient EMS is the component that shares ZTNA tag information through Security Fabric integration. ZTNA tags are synchronized from FortiClient EMS as inputs for the FortiGate application gateway. They can be used in ZTNA policies as security posture checks to ensure certain security criteria are met. FortiClient EMS can share ZTNA tags across multiple devices in the Fabric, such as FortiGate, FortiManager, and FortiAnalyzer. FortiClient EMS can also share ZTNA tags across multiple VDOMs on the same FortiGate device.FortiClient EMS can be configured to control the ZTNA tag sharing behavior in the Fabric Devices settings1.

FortiGate is the device that enforces ZTNA policies using ZTNA tags. FortiGate can receive ZTNA tags from FortiClient EMS via Fabric Connector. FortiGate can also publish ZTNA services through the ZTNA portal, which allows users to access applications without installing FortiClient.FortiGate can also provide ZTNA inline CASB for SaaS application access control2.

FortiGate Access Proxy is a feature that enables FortiGate to act as a proxy for ZTNA traffic. FortiGate Access Proxy can be deployed in front of the application servers to provide ZTNA protection. FortiGate Access Proxy can also be deployed behind the application servers to provide ZTNA visibility.FortiGate Access Proxy can use ZTNA tags to identify and authenticate users and devices2.

FortiClient is the endpoint software that connects to ZTNA services. FortiClient can register ZTNA tags with FortiClient EMS based on the endpoint security posture. FortiClient can also use ZTNA tags to access ZTNA services published by FortiGate.FortiClient can also use ZTNA tags to access SaaS applications with ZTNA inline CASB2.


Technical Tip: Behavior of ZTNA Tags shared across multiple vdoms or multiple FortiGate firewalls in the Security Fabric connected to the same FortiClient EMS Server

Synchronizing FortiClient ZTNA tags

Zero Trust Network Access (ZTNA) to Control Application Access

Question 3

An administrator wants to simplify remote access without asking users to provide user credentials.

Which access control method provides this solution"?



Answer : B


Question 4

Refer to the exhibit.

Based on the FortiClient log details shown in the exhibit, which two statements are true? (Choose two.)



Answer : A, B


Question 5

Which three features does FortiClient endpoint security include? (Choose three.)



Answer : B, D, E


Question 6

Refer to the exhibit.

Based on the logs shown in the exhibit, why did FortiClient EMS fail to install FortiClient on the endpoint?



Answer : C

https://community.fortinet.com/t5/FortiClient/Technical-Note-FortiClient-fails-to-install-from-FortiClient-EMS/ta-p/193680 The deployment service error message may be caused by any of the following. Try eliminating them all, one at a time. 1. Wrong username or password in the EMS profile 2. Endpoint is unreachable over the network 3. Task Scheduler service is not running 4. Remote Registry service is not running 5. Windows firewall is blocking connection


Question 7

Refer to the exhibit.

Which shows multiple endpoint policies on FortiClient EMS.

Which policy is applied to the endpoint in the AD group trainingAD?



Answer : B

Training policy because:

- Policy is enabled

- Priority is better than Default Policy


Page:    1 / 14   
Total 49 questions