Fortinet NSE7_SAC-6.2 Exam Practice Test Instant Access

Question 1

Refer to the exhibit.

Examine the configuration of the FortiSwitch security policy profile.

If the security profile shown in the exhibit is assigned on the FortiSwitch port for 802 1X. port authentication, which statement is correct?

AHost machines that do support 802.1X authentication, but have failed authentication, will be assigned the guest VLAN.

BAll unauthenticated users will be assigned the auth-fail VLAN.

CAuthenticated users that are part of the wired-users group will be assigned the guest VLAN.

DHost machines that do not support 802.1X authentication will be assigned the guest VLAN.

Answer : C

Question 2

Refer to the exhibit.

Examine the network topology shown in the exhibit.

Which port should have root guard enabled?

AFortiSwitch A, port2

BFortiSwitch A, port1

CFortiSwitch B. port1

DFortiSwitch B. port2

Answer : A

Question 3

Examine the following RADIUS configuration:

An administrator has configured a RADIUS server on FortiGate that points to FortiAuthenticator. FortiAuthenticator is acting as an authentication proxy and is configured to relay all authentication requests to a remote Windows AD server using LDAP.

While testing the configuration, the administrator notices that the diagnose test authserver command works with PAP, however, authentication requests fail when using MSCHAPv2.

Which two changes should the administrator make to get MSCHAPv2 to work? (Choose two.)

AForce FortiGate to use the PAP authentication method in the RADIUS server configuration.

BChange the remote authentication server from LDAP to RADIUS on FortiAuthenticator.

CUse MSCHAP instead of using MSCHAPv2.

DEnable Windows Active Directory Domain Authentication on FortiAuthenticator to add FortiAuthenticator to the Windows domain

Answer : B, D

Question 4

Refer to the exhibit.

Examine the VAP configuration and the WiFi zones table shown in the exhibits.

Which two statements describe FortiGate behavior regarding assignment of

AFortiGate will load balance clients using VLAN 101 and VLAN 102 and assign them an IP address from the 10.0.3.0/24 subnet.

BClients connecting to APs in the Floor l group will notbe able to receive an IP address.

CAll clients connecting to the Corp SSID will receive an IP address from the 10.0.3.1/24 subnet.

DClients connecting to APs in the office group will be assigned an IP address from the 10.0.20.1/24 subnet.

Answer : B, D

Question 5

Refer to the exhibit.

The exhibit shows two FortiGate devices in active-passive HA mode, including four FortiSwitch devices connected to a ring.

Which two configurations are required to deploy this network topology'' (Choose two.)

AConfigure link aggregation interfaces on the FortiLink interfaces.

BConfigure the trunk interfaces on the FortiSwitch devices as MCLAG-ISL.

CEnable f ortilink-split-interf ace on the FortiLink interfaces.

DEnable STP on the FortiGate interfaces.

Answer : C, D

Please Wait...

Fortinet NSE7_SAC-6.2 Fortinet NSE 7 - Secure Access 6.2 Exam Practice Test

Question 1

Question 2

Question 3

Question 4

Question 5

Please Wait...

Popular Vendors

Fortinet NSE7_SAC-6.2 Fortinet NSE 7 - Secure Access 6.2 Exam Practice Test

Question 1

Question 2

Question 3

Question 4

Question 5