Fortinet NSE5_FCT-7.0 Exam Practice Questions (P. 2)

GPT-4o - Answer

If a FortiClient installation through Microsoft AD group policy results in missing custom configurations, it's typically due to the absence of the MST file from the distribution package. The MST, or transform file, modifies the MSI installer to include those custom settings. Having only the MSI file means the default configuration is applied, leading to the absence of any pre-set customizations intended for the deployment. Always check that both MSI and MST files are included and correctly linked in the distribution package.

GPT-4o - Answer

The default configuration for FortiClient on server operating systems, such as Windows Server, includes the automatic disabling of real-time protection. This setting minimizes potential compatibility issues with other server applications like MS Exchange or SQL Server, ensuring stable server operations without compromising the overall security infrastructure. The protocol is designed to prioritize system performance and stability on critical applications typically run on servers.

GPT-4o - Answer

When FortiClient's anti-exploit detection identifies an exploit in an application, it promptly terminates the compromised application process. This immediate action helps to safeguard the endpoint from potential damage or data breaches that could result from the exploit executing its malicious activities further. FortiClient acts on this by monitoring applications prone to exploits such as browsers, Java/Flash plug-ins, and various commonly used office applications, ensuring robust security against zero-day attacks and similar threats.