Summer Sale Limited Time 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 28522818

Home > Fortinet > Fortinet Certification > NSE7_ZTA-7.2

NSE7_ZTA-7.2 Fortinet NSE 7 - Zero Trust Access 7.2 Question and Answers

Question # 4

Which two statements are true regarding certificate-based authentication for ZTNA deployment? (Choose two.)

A.

FortiGate signs the client certificate submitted by FortiClient.

B.

The default action for empty certificates is block

C.

Certificate actions can be configured only on the FortiGate CLI

D.

Client certificate configuration is a mandatory component for ZTNA

Full Access
Question # 5

Which method is used to install passive agent on an endpoint?

A.

Deployed by using a login/logout script

B.

Agent is downloaded from Playstore

C.

Agent is downloaded and run from captive portal

D.

Installed by user or deployment tools

Full Access
Question # 6

Exhibit.

Based on the ZTNA logs provided, which statement is true?

A.

The Remote_user ZTNA tag has matched the ZTNA rule

B.

An authentication scheme is configured

C.

The external IP for ZTNA server is 10 122 0 139.

D.

Traffic is allowed by firewall policy 1

Full Access
Question # 7

Which factor is a prerequisite on FortiNAC to add a Layer 3 router to its inventory?

A.

Allow HTTPS access from the router to the FortiNAC ethO IP address

B.

Allow FTP access to the FortiNAC database from the router

C.

The router responding to ping requests from the FortiNAC eth1 IP address

D.

SNMP or CLI access to the router to carry out remote tasks

Full Access
Question # 8

What are two functions of NGFW in a ZTA deployment? (Choose two.)

A.

Acts as segmentation gateway

B.

Endpoint vulnerability management

C.

Device discovery and profiling

D.

Packet Inspection

Full Access
Question # 9

What happens when FortiClient EMS is configured as an MDM connector on FortiNAC?

A.

FortiNAC sends the hostdata to FortiClient EMS to update its host database

B.

FortiClient EMS verifies with FortiNAC that the device is registered

C.

FortiNAC polls FortiClient EMS periodically to update already registered hosts in FortiNAC

D.

FortiNAC checks for device vulnerabilities and compliance with FortiClient

Full Access