NSE6_FAC-6.4 Practice Exams and Training Solutions for Certifications [Q15-Q35]

September 26, 2023 admin 0 Comments

Rate this post

NSE6_FAC-6.4 Practice Exams and Training Solutions for Certifications

Dumps Free Test Engine Player Verified Answers

NEW QUESTION 15
You want to monitor FortiAuthenticator system information and receive FortiAuthenticator traps through SNMP.
Which two configurations must be performed after enabling SNMP access on the FortiAuthenticator interface? (Choose two)

Enable logging services

Set the tresholds to trigger SNMP traps

Upload management information base (MIB) files to SNMP server

Associate an ASN, 1 mapping rule to the receiving host

NEW QUESTION 16
At a minimum, which two configurations are required to enable guest portal services on FortiAuthenticator? (Choose two)

Configuring a portal policy

Configuring at least on post-login service

Configuring a RADIUS client

Configuring an external authentication portal

NEW QUESTION 17
You are an administrator for a large enterprise and you want to delegate the creation and management of guest users to a group of sponsors.
How would you associate the guest accounts with individual sponsors?

As an administrator, you can assign guest groups to individual sponsors.

Guest accounts are associated with the sponsor that creates the guest account.

You can automatically add guest accounts to groups associated with specific sponsors.

Select the sponsor on the guest portal, during registration.

NEW QUESTION 18
Which three of the following can be used as SSO sources? (Choose three)

FortiClient SSO Mobility Agent

SSH Sessions

FortiAuthenticator in SAML SP role

Fortigate

RADIUS accounting

NEW QUESTION 19
Which two protocols are the default management access protocols for administrative access for FortiAuthenticator? (Choose two)

Telnet

HTTPS

SSH

SNMP

NEW QUESTION 20
Why would you configure an OCSP responder URL in an end-entity certificate?

To designate the SCEP server to use for CRL updates for that certificate

To identify the end point that a certificate has been assigned to

To designate a server for certificate status checking

To provide the CRL location for the certificate

NEW QUESTION 21
Examine the screenshot shown in the exhibit.

Which two statements regarding the configuration are true? (Choose two.)

All guest accounts created using the account registration feature will be placed under the Guest_Portal_Users group

All accounts registered through the guest portal must be validated through email

Guest users must fill in all the fields on the registration form

Guest user account will expire after eight hours

NEW QUESTION 22
A system administrator wants to integrate FortiAuthenticator with an existing identity management system with the goal of authenticating and deauthenticating users into FSSO.
What feature does FortiAuthenticator offer for this type of integration?

The ability to import and export users from CSV files

RADIUS learning mode for migrating users

REST API

SNMP monitoring and traps

NEW QUESTION 23
What happens when a certificate is revoked? (Choose two)

Revoked certificates cannot be reinstated for any reason

All certificates signed by a revoked CA certificate are automatically revoked

Revoked certificates are automatically added to the CRL

External CAs will priodically query Fortiauthenticator and automatically download revoked certificates

NEW QUESTION 24
When you are setting up two FortiAuthenticator devices in active-passive HA, which HA role must you select on the master FortiAuthenticator?

Active-passive master

Standalone master

Cluster member

Load balancing master

NEW QUESTION 25
Which two statement about the RADIUS service on FortiAuthenticator are true? (Choose two)

Two-factor authentication cannot be enforced when using RADIUS authentication

RADIUS users can migrated to LDAP users

Only local users can be authenticated through RADIUS

FortiAuthenticator answers only to RADIUS client that are registered with FortiAuthenticator

NEW QUESTION 26
Which behaviors exist for certificate revocation lists (CRLs) on FortiAuthenticator? (Choose two)

CRLs contain the serial number of the certificate that has been revoked

Revoked certificates are automaticlly placed on the CRL

CRLs can be exported only through the SCEP server

All local CAs share the same CRLs

NEW QUESTION 27
Which FSSO discovery method transparently detects logged off users without having to rely on external features such as WMI polling?

Windows AD polling

FortiClient SSO Mobility Agent

Radius Accounting

DC Polling

NEW QUESTION 28
You have implemented two-factor authentication to enhance security to sensitive enterprise systems.
How could you bypass the need for two-factor authentication for users accessing form specific secured networks?

Create an admin realm in the authentication policy

Specify the appropriate RADIUS clients in the authentication policy

Enable Adaptive Authentication in the portal policy

Enable the Resolve user geolocation from their IP address option in the authentication policy.

NEW QUESTION 29
When generating a TOTP for two-factor authentication, what two pieces of information are used by the algorithm to generate the TOTP?

UUID and time

Time and FortiAuthenticator serial number

Time and seed

Time and mobile location

NEW QUESTION 30
Which two capabilities does FortiAuthenticator offer when acting as a self-signed or local CA? (Choose two)

Validating other CA CRLs using OSCP

Importing other CA certificates and CRLs

Merging local and remote CRLs using SCEP

Creating, signing, and revoking of X.509 certificates

NEW QUESTION 31
Which statement about the guest portal policies is true?

Guest portal policies apply only to authentication requests coming from unknown RADIUS clients

Guest portal policies can be used only for BYODs

Conditions in the policy apply only to guest wireless users

All conditions in the policy must match before a user is presented with the guest portal

NEW QUESTION 32
What are three key features of FortiAuthenticator? (Choose three)

Identity management device

Log server

Certificate authority

Portal services

RSSO Server

NEW QUESTION 33
Which two features of FortiAuthenticator are used for EAP deployment? (Choose two)

Certificate authority

LDAP server

MAC authentication bypass

RADIUS server

Q&As with Explanations Verified & Correct Answers: https://www.topexamcollection.com/NSE6_FAC-6.4-vce-collection.html

NSE6_FAC-6.4 Practice Exams and Training Solutions for Certifications [Q15-Q35]

Leave a Reply Cancel reply

NSE6_FAC-6.4 Practice Tests

Related Certifications

Recent Posts

Recent Comments

Categories