Fortinet NSE6_FNC-9.1 Exam Practice Test Instant Access

Question 1

With enforcement for network access policies and at-risk hosts enabled, what will happen if a host matches a network access policy and has a state of "at risk"?

AThe host is provisioned based on the default access defined by the point of connection.

BThe host is provisioned based on the network access policy.

CThe host is isolated.

DThe host is administratively disabled.

Answer : C

https://training.fortinet.com/pluginfile.php/1912463/mod_resource/content/26/FortiNAC_7.2_Study_Guide-Online.pdf C. Page 327 - moved to the quarantine isolation network

Question 2

What capability do logical networks provide?

APoint of access-base autopopulation of device groups'

BInteractive topology view diagrams

CApplication of different access values from a single access policy

DIVLAN -based inventory reporting

Answer : C

Logical Networks allow you to create fewer Network Access Policies than before. (FortiNAC - What's new in FortiNAC 8.5)

Question 3

When you create a user or host profile; which three criteria can you use? (Choose three.)

AAn applied access policy

BAdministrative group membership

CLocation

DHost or user group memberships

EHost or user attributes

Answer : C, D, E

Fortinac-admin-operations, P. 391

Question 4

Where do you look to determine which network access policy, if any is being applied to a particular host?

AThe Policy Details view for the host

BThe Connections view

CThe Port Properties view of the hosts port

DThe Policy Logs view

Answer : A

FortiNAC p 382: 'Under Network Access Settings - Policy Name - Name of the Network Access Policy that currently applies to the host.'

Question 5

While troubleshooting a network connectivity issue, an administrator determines that a device was being automatically provisioned to an incorrect VLAN.

Where would the administrator look to determine when and why FortiNAC made the network access change?

AThe Event view

BThe Admin Auditing view

CThe Port Changes view

DThe Connections view

Answer : C

Question 6

An administrator is configuring FortiNAC to manage FortiGate VPN users. As part of the configuration, the administrator must configure a few FortiGate firewall policies.

What is the purpose of the FortiGate firewall policy that applies to unauthorized VPN clients?

ATo deny access to only the production DNS server

BTo allow access to only the FortiNAC VPN interface

CTo allow access to only the production DNS server

DTo deny access to only the FortiNAC VPN interface

Answer : B

Question 7

Which three circumstances trigger Layer 2 polling of infrastructure devices? (Choose three.)

AManual polling

BScheduled poll timings

CA failed Layer 3 poll

DA matched security policy

ELinkup and Linkdown traps

Answer : A, B, E

Fortinet NSE6_FNC-9.1 Fortinet NSE 6 - FortiNAC 9.1 Exam Practice Test