[Aug-2022] NSE6_FNC-8.5 Exam Dumps Pass with Updated 2022 Fortinet NSE 6 - FortiNAC 8.5
Free NSE6_FNC-8.5 Exam Dumps to Pass Exam Easily
NEW QUESTION 16
Which three of the following are components of a security rule? (Choose three.)
- A. Security String
- B. Action
- C. Trigger
- D. User or host profile
- E. Methods
Answer: A,D,E
NEW QUESTION 17
What capability do logical networks provide?
- A. Interactive topology view diagrams
- B. Autopopulation of device groups based on point of connection
- C. VLAN-based inventory reporting
- D. Application of different access values from a single access policy
Answer: C
Explanation:
NTM also includes reporting utilities such as network and inventory reports. You can generate reports for subnets, switch ports, and VLANs.
NEW QUESTION 18
Where are logical network values defined?
- A. In the security and access field of each host record
- B. In the port properties view of each port
- C. On the profiled devices view
- D. In the model configuration view of each infrastructure device
Answer: C
NEW QUESTION 19
In an isolation VLAN, which three services does FortiNAC supply? (Choose three.)
- A. DNS
- B. Web
- C. DHCP
- D. NTP
- E. SMTP
Answer: A,B,C
Explanation:
Explanation/Reference: https://fortinetweb.s3.amazonaws.com/docs.fortinet.com/v2/attachments/8bec453a-b242-11e9- a989-00505692583a/AdminGuide-860-PDF.pdf
NEW QUESTION 20
Refer to the exhibit, and then answer the question below.
Which host is rogue?
- A. 0
- B. 1
- C. 2
- D. 3
Answer: D
NEW QUESTION 21
During the on-boarding process through the captive portal, why would a host that successfully registered remain stuck in the Registration VLAN? (Choose two.)
- A. The ports default VLAN is the same as the Registration VLAN.
- B. The wrong agent is installed.
- C. Bridging is enabled on the host
- D. There is another unregistered host on the same port.
Answer: B,D
Explanation:
Scenario 4: NAT detection disabled, using endpoint compliance policy and agent.
NEW QUESTION 22
What capability do logical networks provide?
- A. Interactive topology view diagrams
- B. Autopopulation of device groups based on point of connection
- C. VLAN-based inventory reporting
- D. Application of different access values from a single access policy
Answer: C
Explanation:
Explanation
NTM also includes reporting utilities such as network and inventory reports. You can generate reports for subnets, switch ports, and VLANs.
NEW QUESTION 23
Which agent is used only as part of a login script?
- A. Passive
- B. Dissolvable
- C. Mobile
- D. Persistent
Answer: D
Explanation:
If the logon script runs the logon application in persistent mode, configure your Active Directory server not to run scripts synchronously.
Reference: https://www.websense.com/content/support/library/deployctr/v76/ init_setup_creating_and_running_logon_agent_script_deployment_tasks.aspx
NEW QUESTION 24
Which connecting endpoints are evaluated against all enabled device profiling rules?
- A. Rogues devices, only when they connect for the first time
- B. All hosts, each time they connect
- C. Known trusted devices each time they change location
- D. Rogues devices, each time they connect
Answer: D
Explanation:
FortiNAC process to classify rogue devices and create an organized inventory of known trusted registered devices.
NEW QUESTION 25
What would happen if a port was placed in both the Forced Registration and the Forced Remediation port groups?
- A. Both types of enforcement would be applied.
- B. Only al-risk hosts would be impacted.
- C. Only rogue hosts would be impacted.
- D. Both enforcement groups cannot contain the same port.
Answer: C
NEW QUESTION 26
What causes a host's state to change to "at risk"?
- A. The host has been administratively disabled.
- B. The host has failed an endpoint compliance policy or admin scan.
- C. The host is not in the Registered Hosts group.
- D. The logged on user is not found in the Active Directory.
Answer: B
Explanation:
Explanation
Failure - Indicates that the host has failed the scan. This option can also be set manually. When the status is set to Failure the host is marked "At Risk" for the selected scan.
NEW QUESTION 27
Where do you look to determine when and why the FortiNAC made an automated network access change?
- A. The Port Changes view
- B. The Admin Auditing view
- C. The Event view
- D. The Connections view
Answer: C
NEW QUESTION 28
Which two methods can be used to gather a list of installed applications and application details from a host?
(Choose two)
- A. Agent technology
- B. Application layer traffic inspection
- C. Portal page on-boarding options
- D. MDM integration
Answer: B,C
NEW QUESTION 29
Which two of the following are required for endpoint compliance monitors? (Choose two.)
- A. Persistent agent
- B. Custom scan
- C. Security rule
- D. Logged on user
Answer: A,B
Explanation:
DirectDefense's analysis of FireEye Endpoint attests that the products help meet the HIPAA Security Rule.
In the menu on the left click the + sign next to Endpoint Compliance to open it.
Reference:
https://docs.fortinet.com/document/fortinac/8.5.2/administration-guide/92047/add-or-modify-a-scan
NEW QUESTION 30
Refer to the exhibit, and then answer the question below.
Which host is rogue?
- A. 0
- B. 1
- C. 2
- D. 3
Answer: D
NEW QUESTION 31
Where are logical network values defined?
- A. In the port properties view of each port
- B. On the profiled devices view
- C. In the model configuration view of each infrastructure device
- D. In the security and access field of each host record
Answer: D
NEW QUESTION 32
Which three communication methods are used by the FortiNAC to gather information from, and control, infrastructure devices? (Choose three)
- A. OSNMP
- B. SMTP
- C. RADIUS
- D. DCLI
- E. FTP
Answer: B,D,E
NEW QUESTION 33
During the on-boarding process through the captive portal, why would a host that successfully registered remain stuck in the Registration VLAN? (Choose two.)
- A. There is another unregistered host on the same port.
- B. The wrong agent is installed.
- C. Bridging is enabled on the host.
- D. The ports default VLAN is the same as the Registration VLAN.
Answer: B,D
Explanation:
Scenario 4: NAT detection disabled, using endpoint compliance policy and agent.
Reference: https://fortinetweb.s3.amazonaws.com/docs.fortinet.com/v2/attachments/868f1267-7299-11e9-
81a4-00505692583a/fortinac-admin-operation-85.pdf
NEW QUESTION 34
Which two agents can validate endpoint compliance transparently to the end user? (Choose two.)
- A. Mobile
- B. Passive
- C. Dissolvable
- D. Persistent
Answer: A,D
Explanation:
Explanation
Mobile agents use the network transparently.
NEW QUESTION 35
......
Understanding functional and technical aspects of Network Security Specialist Fortinet NSE6_FNC-8.5 Professional Exam Object Management
The following will be discussed in FORTINET NSE6_FNC-8.5 exam dumps:
- FortiAP
- High Availability
- Designing, implementing and maintaining a basic, single channel FortiWLC based wireless network
- FortiWiFi
- Use of FortiAuthenticator for secure authentication and identity management
- Use of FortiSandbox for protection from emerging threats
- Advancing Routing
- Use of FortiMAil for protection from existing email borne threats
- Link load balancing
- FortiGate
- Learning the Deployment, Configuration, and Troubleshooting of the Fortinet Application firewall
- Configuring FortiVoice system
- Recognizing and mitigating individual and distributed denial of service attacks (DDoS) attacks
- Layer 4 and Layer 7 server load balancing
NSE6_FNC-8.5 Exam Dumps, NSE6_FNC-8.5 Practice Test Questions: https://www.itexamreview.com/NSE6_FNC-8.5-exam-dumps.html
Free NSE6_FNC-8.5 Study Guides Exam Questions and Answer: https://drive.google.com/open?id=1HjU7uoxVi8g6mYj1qwTpnh4L5Md7q1R0
