Fortinet NSE7_SAC-6.2 Exam Practice Test Instant Access

Question 1

Refer to the exhibit.

Examine the output of the debug command and port configuration shown in the exhibit.

FortiGate learned the MAC address 78:2b:cb:d8:36:68 dynamically.

What action does FortiSwitch take if there is an untagged frame coming to port1 will different MAC address?

AThe frame is accepted and assigned to the quarantine VLAN

BThe frame is accepted and FortiSwitch will update its mac address table with the new MAC address.

CThe frame is dropped.

DThe frame is accepted and assigned to the user VLAN.

Answer : A

Question 2

A FotliGate has the following LDAP configuration

On the Windows LDAP server 10.0.1.10, the administrator used dsqueryT which returned the following output:

>dsquery user -samid admin* "CN=AdministratorrCN=UsersiDC=trainingAD;DC=trainingiDC=lab"

According to the output, which FortiGate LDAP setting is configured incorrectly?

Adn

BsAMAccountName

Cusername

Dcnid

Answer : B

Question 3

An administrator has deployed dual band-capable wireless APs in a wireless network. Multiple 2.4 GHz wireless clients are connecting to the network, and subsequent monitoring shows that individual AP 2.4GHz interfaces are being overloaded with wireless connections.

Which configuration change would best resolve the overloading issue?

AConfigure load balancing AP handoff on both the AP interfaces on all APs.

BConfigure load balancing AP handoff on only the 2.4GHz interfaces of all Aps.

CConfigure load balancing frequency handoff on both the AP interfaces.

DConfigure a client limit on the all AP 2.4GHz interfaces.

Answer : C

Question 4

Examine the following output from the FortiLink real-time debug.:

Based on the output, what is the status of the communication between FortiGate and FortiSwitch?

AFortiGate is unable to authorize the FortiSwitch.

BFortiGate is unable to establish FortiLmk tunnel to manage the FortiSwitch.

CFortiGate is unable to located a previously managed FortiSwitch.

DThe FortiLink heartbeat is up.

Answer : D

Question 5

Refer to the exhibit.

Given the network topology shown in the exhibit, which two ports should be configured as untrusted DHCP ports? (Choose two.)

AFortiSwitch B, port1

BFortiSwitch A, port2

CFortiSwitch B, port2

DFortiSwitch A, port1

Answer : C, D

Question 6

Refer to the exhibit showing certificate values.

Wireless guest users are unable to authenticate because they are getting a certificate error while loading the captive portal login page This URL string is the HTTPS POST URL guest wireless users see when attempting to access the network using the web browser:

Which two settings are the likely causes of the issue? (Choose two.)

AThe external server FQDN is incorrect.

BThe FortiGate authentication interface address is using Hi IPS.

CThe wireless user's browser is missing a CA certificate.

DThe user address is not in DDNS form.

Answer : A, C

Question 7

Refer to the exhibit.

The exhibit shows two FortiGate devices in active-passive HA mode, including four FortiSwitch devices connected to a ring.

Which two configurations are required to deploy this network topology'' (Choose two.)

AConfigure link aggregation interfaces on the FortiLink interfaces.

BConfigure the trunk interfaces on the FortiSwitch devices as MCLAG-ISL.

CEnable f ortilink-split-interf ace on the FortiLink interfaces.

DEnable STP on the FortiGate interfaces.

Answer : C, D

https://www.fortinetguru.com/2019/07/fortilink-configuration-using-the-fortigate-gui/

Fortinet NSE7_SAC-6.2 Fortinet NSE 7 - Secure Access 6.2 Exam Practice Test