Q11. Refer to the exhibits.


Which show the Zero Trust Tag Monitor and the FortiClient GUI status.
Remote-Client is tagged as Remote-Users on the FortiClient EMS Zero Trust Tag Monitor.
What must an administrator do to show the tag on the FortiClient GUI?

Q12. An administrator wants to simplify remote access without asking users to provide user credentials.
Which access control method provides this solution?

Q13. When site categories are disabled in FortiClient webfilter and antivirus (malicious websites), which feature can be used to protect the endpoint from malicious web access?

Q14. Which two statements are true about ZTNA? (Choose two.)

Q15. Refer to the exhibit.

Based on the Security Fabric automation settings, what action will be taken on compromised endpoints?

Q16. What does FortiClient do as a fabric agent? (Choose two.)

Q17. An administrator is required to maintain a software vulnerability on the endpoints, without showing the feature on the FortiClient dashboard. What must the administrator do to achieve this requirement?

Q18. Refer to the exhibit.

Based on the FortiClient logs shown in the exhibit which application is blocked by the application firewall?

Q19. What does FortiClient do as a fabric agent? (Choose two.)

Q20. Which security fabric component sends a notification to quarantine an endpoint after IOC detection in the automation process?

Q21. A new chrome book is connected in a school’s network.
Which component can the EMS administrator use to manage the FortiClient web filter extension installed on the Google Chromebook endpoint?

Q22. Refer to the exhibits.


Which shows the configuration of endpoint policies.
Based on the configuration, what will happen when someone logs in with the user account student on an endpoint in the trainingAD domain?

Q23. Refer to the exhibit.

Which shows the output of the ZTNA traffic log on FortiGate.
What can you conclude from the log message?

Q24. Which component or device shares ZTNA tag information through Security Fabric integration?

Q25. Refer to the exhibit.

An administrator has restored the modified XML configuration file to FortiClient and sees the error shown in the exhibit.
Based on the XML settings shown in the exhibit, what must the administrator do to resolve the issue with the XML configuration file?

Q26. Refer to the exhibit.

Which shows multiple endpoint policies on FortiClient EMS.
Which policy is applied to the endpoint in the AD group trainingAD?

Q27. Refer to the exhibit.

Based on the FortiClient logs shown in the exhibit which application is blocked by the application firewall?

Q28. Refer to the exhibit.

Based on the settings shown in the exhibit what action will FortiClient take when it detects that a user is trying to download an infected file?

Q29. Why does FortiGate need the root CA certificate of FortiClient EMS?

Q30. An administrator has a requirement to add user authentication to the ZTNA access for remote or off-fabric users Which FortiGate feature is required m addition to ZTNA?

Q31. What does FortiClient do as a fabric agent? (Choose two.)

Q32. Which three features does FortiClient endpoint security include? (Choose three.)

Q33. Refer to the exhibits.


Based on the FortiGate Security Fabric settings shown in the exhibits, what must an administrator do on the EMS server to successfully quarantine an endpoint. when it is detected as a compromised host (loC)?