NSE5_FCT-7.0 Online Practice Questions and Answers

Which two statements are true about the ZTNA rule? (Choose two. )

A. It enforces access control

B. It redirects the client request to the access proxy

C. It defines the access proxy

D. It applies security profiles to protect traffic

Which component or device shares device status information through ZTNA telemetry?

A. FortiClient

B. FortiGate

C. FortiGate Access Proxy

D. FortiClient EMS

Refer to the exhibit.

Based on the CLI output from FortiGate. which statement is true?

A. FortiGate is configured to pull user groups from FortiClient EMS

B. FortiGate is configured with local user group

C. FortiGate is configured to pull user groups from FortiAuthenticator

D. FortiGate is configured to pull user groups from AD Server.

An administrator deploys a FortiClient installation through the Microsoft AD group policy After installation is complete all the custom configuration is missing. What could have caused this problem?

A. The FortiClient exe file is included in the distribution package

B. The FortiClient MST file is missing from the distribution package

C. FortiClient does not have permission to access the distribution package.

D. The FortiClient package is not assigned to the group

What is the function of the quick scan option on FortiClient?

A. It scans programs and drivers that are currently running, for threats.

B. It allows users to select a specific file folder on their local hard disk drive (HDD), to scan for threats.

C. It performs a full system scan including all files, executable files, DLLs, and drivers for threats.

D. It scans executable files, DLLs, and drivers that are currently running, for threats.

An administrator wants to simplify remote access without asking users to provide user credentials. Which access control method provides this solution"?

A. SSL VPN

B. ZTNA full mode

C. L2TP

D. ZTNA IP/MAC filtering mode

An administrator is required to maintain a software vulnerability on the endpoints, without showing the feature on the FortiClient dashboard. What must the administrator do to achieve this requirement?

A. Disable select the vulnerability scan feature in the deployment package

B. Use the default endpoint profile

C. Select the vulnerability scan feature in the deployment package, but disable the feature on the endpoint profile

D. Click the hide icon on the vulnerability scan tab

Which component or device shares ZTNA tag information through Security Fabric integration?

A. FortiGate

B. FortiGate Access Proxy

C. FortiClient

D. FortiClient EMS

Which statement about FortiClient enterprise management server is true?

A. It provides centralized management of FortiGate devices.

B. lt provides centralized management of multiple endpoints running FortiClient software.

C. It provides centralized management of FortiClient Android endpoints only.

D. It provides centralized management of Chromebooks running real-time protection

Refer to the exhibit.

Which shows multiple endpoint policies on FortiClient EMS.

Which policy is applied to the endpoint in the AD group trainingAD?

A. The Sales policy

B. The Training policy

C. Both the Sales and Training policies because their priority is higher than the Default policy

D. The Default policy because it has the highest priority

Which two VPN types can a FortiClient endpoint user inmate from the Windows command prompt? (Choose two)

A. L2TP

B. PPTP

C. IPSec

D. SSL VPN

Refer to the exhibits.

Which shows the configuration of endpoint policies.

Based on the configuration, what will happen when someone logs in with the user account student on an endpoint in the trainingAD domain?

A. FortiClient EMS will assign the Sales policy

B. FortiClient EMS will assign the Training policy

C. FortiClient EMS will assign the Default policy

D. FortiClient EMS will assign the Training policy for on-fabric endpoints and the Sales policy for the off-fabric endpoint

Refer to the exhibit, which shows the Zero Trust Tagging Rule Set configuration.

Which two statements about the rule set are true? (Choose two.)

A. The endpoint must satisfy that only Windows 10 is running.

B. The endpoint must satisfy that only AV software is installed and running.

C. The endpoint must satisfy that antivirus is installed and running and Windows 10 is running.

D. The endpoint must satisfy that only Windows Server 2012 R2 is running.

What action does FortiClient anti-exploit detection take when it detects exploits?

A. Blocks memory allocation to the compromised application process

B. Patches the compromised application process

C. Deletes the compromised application process

D. Terminates the compromised application process

Refer to the exhibit.

Based on the FortiClient logs shown in the exhibit which endpoint profile policy is currently applied to the FortiClient endpoint from the EMS server?

A. Default

B. Compliance rules default

C. Fortinet- Training

D. Default configuration policy