Fortinet NSE6_FNC-7.2 Exam Practice Test Instant Access

Question 1

Refer to the exhibit, and then answer the question below.

Which host is rogue?

Answer : B

Question 2

Which system group will force at-risk hosts into the quarantine network, based on point of connection?

APhysical Address Filtering

BForced Quarantine

CForced Isolation

DForced Remediation

Answer : D

Forced Quarantine, study guide 7.2 pag 245 and 248

Question 3

Which group type can have members added directly from the FortiNAC Control Manager?

AAdministrator

BDevice

CPort

DHost

Answer : B

The study guide explains that there are six different types of groups in FortiNAC, including device, host, IP phone, port, user, and administrator groups. Groups created by administrative users or imported as a result of an LDAP integration can be used to organize elements but do not enforce any type of control or functionality directly

Question 4

In an isolation VLAN which three services does FortiNAC supply? (Choose three.)

ANTP

BDHCP

CWeb

DDNS

EISMTP

Answer : B, C, D

In an isolation VLAN, FortiNAC supplies DHCP and DNS services. The guide specifies that FortiNAC has a DHCP scope defined for a particular VLAN and should be the only DHCP server available to hosts on that VLAN. Additionally, hosts on the VLAN would get a DNS server configuration of the FortiNAC IP for that VLAN

Question 5

Which two device classification options can register a device automatically and transparently to the end user? (Choose two.)

ADissolvable agent

BDotlxAuto Registration

CDevice importing

DMDM integration

ECaptive portal

Answer : B, D

The FortiNAC 7.2 Study Guide does not explicitly mention Dot1x Auto Registration and MDM integration as the specific device classification options for automatic and transparent registration to the end user. However, based on the general functioning of FortiNAC, Dot1x Auto Registration and MDM integration are typically used for such purposes. The guide discusses automatic device registration in the context of profiling rules

Question 6

What capability do logical networks provide?

APoint of access-base autopopulation of device groups'

BInteractive topology view diagrams

CApplication of different access values from a single access policy

DIVLAN -based inventory reporting

Answer : C

Logical Networks allow you to create fewer Network Access Policies than before. (FortiNAC - What's new in FortiNAC 7.2)

Logical networks in FortiNAC decouple a policy from a specific access value, allowing for the application of different access values from a single access policy. This is done based on the point of connection, significantly reducing the number of network access policies needed and simplifying network access policy management

Question 7

When FortiNAC passes a firewall tag to FortiGate, what determines the value that is passed?

ASecurity rule

BDevice profiling rule

CRADIUS group attribute

DLogical network

Answer : B

Fortinet NSE6_FNC-7.2 Fortinet NSE 6 - FortiNAC 7.2 Exam Practice Test