NSE5_FCT-7.0 Online Practice Questions and Answers

Refer to the exhibits, which show a network topology diagram of ZTNA proxy access and the ZTNA rule configuration.

An administrator runs the diagnose endpoint record list CLI command on FortiGate to check Remote-Client endpoint information, however Remote-Client is not showing up in the endpoint record list.

What is the cause of this issue?

A. Remote-Client failed the client certificate authentication.

B. Remote-Client provided an empty client certificate to connect to the ZTNA access proxy.

C. Remote-Client has not initiated a connection to the ZTNA access proxy.

D. Remote-Client provided an invalid certificate to connect to the ZTNA access proxy.

An administrator wants to simplify remote access without asking users to provide user credentials. Which access control method provides this solution"?

A. SSL VPN

B. ZTNA full mode

C. L2TP

D. ZTNA IP/MAC filtering mode

Which security fabric component sends a notification to quarantine an endpoint after IOC detection in the automation process?

A. FortiAnalyzer

B. FortiClient

C. ForbClient EMS

D. Forti Gate

Refer to the exhibit.

Which shows the output of the ZTNA traffic log on FortiGate. What can you conclude from the log message?

A. The remote user connection does not match the explicit proxy policy.

B. The remote user connection does not match the ZTNA server configuration.

C. The remote user connection does not match the ZTNA rule configuration.

D. The remote user connection does not match the ZTNA firewall policy

An administrator installs FortiClient EMS in the enterprise.

Which component is responsible for enforcing protection and checking security posture?

A. FortiClient vulnerability scan

B. FortiClient EMS tags

C. FortiClient EMS

D. FortiClient

Which two benefits are benefits of using multi-tenancy mode on FortiClient EMS? (Choose two.)

A. The fabric connector must use an IP address to connect to FortiClient EMS

B. It provides granular access and segmentation.

C. Licenses are shared among sites.

D. Separate host servers manage each site.

Refer to the exhibit, which shows the endpoint summary information on FortiClient EMS.

What two conclusions can you make based on the Remote-Client status shown above? (Choose two.)

A. The endpoint is classified as at risk.

B. The endpoint has been assigned the Default endpoint policy.

C. The endpoint is configured to support FortiSandbox.

D. The endpoint is currently off-net.

Refer to the exhibit.

Which shows multiple endpoint policies on FortiClient EMS.

Which policy is applied to the endpoint in the AD group trainingAD?

A. The Sales policy

B. The Training policy

C. Both the Sales and Training policies because their priority is higher than the Default policy

D. The Default policy because it has the highest priority

Refer to the exhibits.

Which shows the configuration of endpoint policies.

Based on the configuration, what will happen when someone logs in with the user account student on an endpoint in the trainingAD domain?

A. FortiClient EMS will assign the Sales policy

B. FortiClient EMS will assign the Training policy

C. FortiClient EMS will assign the Default policy

D. FortiClient EMS will assign the Training policy for on-fabric endpoints and the Sales policy for the off-fabric endpoint

An administrator is required to maintain a software inventory on the endpoints. without showing the feature on the FortiClient dashboard What must the administrator do to achieve this requirement?

A. The administrator must use default endpoint profile

B. The administrator must not select the vulnerability scan feature in the deployment package.

C. The administrator must select the vulnerability scan feature in the deployment package, but disable the feature on the endpoint profile

D. The administrator must click the hide icon on the vulnerability scan tab