Nest 0 Cart
Nest Account
Popular Exams
All Categories...
Nest
Nest 0
Contact
Log In / Sign Up
Copyright 2024 © store. All rights reserved.
Home Fortinet NSE6_FAC-6.4

Fortinet NSE6_FAC-6.4 Exam Practice Questions (P. 2)

  • Full Access (30 questions)
  • Six months of Premium Access
  • Access to one million comments
  • Seamless ChatGPT Integration
  • Ability to download PDF files
  • Anki Flashcard files for revision
  • No Captcha & No AdSense
  • Advanced Exam Configuration
Get Contributor Access
Question #6
Which network configuration is required when depioying FortiAuthenticator for portal services?
  1. A
    One of the DNS servers must be a FortiGuard DNS server
  2. B
    Policies must have specific ports open between FortiAuthenticator and the authentication clients
  3. C
    FortiGate must be set up as the default gateway for FortiAuthenticator
  4. D
    FortiAuthenticator must have the REST API access enabled on port 1

Correct Answer:
B

Question #7
You are a FortiAuthenticator administrator for a large organization. Users who are configured to use FortiToken 200 for two-factor authentication can no longer authenticate. You have verified that only the users with two-factor authentication are experiencing the issue.
What can cause this issue?
  1. A
    FortiToken 200 license has expired.
  2. B
    One of the FortiAuthenticator devices in the active-active cluster has failed.
  3. C
    Time drift between FortiAuthenticator and hardware tokens.
  4. D
    FortiAuthenticator has lost contact with the FortiToken Cloud servers.

Correct Answer:
C

Question #8
Why would you configure an OCSP responder URL in an end-entity certificate?
  1. A
    To designate the SCEP server to use for CRL updates for that certificate
  2. B
    To identify the end point that a certificate has been assigned to
  3. C
    To designate a server for certificate status checking
  4. D
    To provide the CRL location for the certificate

Correct Answer:
C

Question #9
An administrator wants to keep local CA cryptographic keys stored in a central location.
Which FortiAuthenticator feature would provide this functionality?
  1. A
    SCEP support
  2. B
    REST API
  3. C
    Network HSM
  4. D
    SFTP server

Correct Answer:
C

Question #10
Which option correctly describes an SP-initiated SSO SAML packet flow for a host without a SAML assertion?
  1. A
    Principal contacts service provider, service provider redirects principal to identity provider, after successful authentication identity provider redirects principal to service provider.
  2. B
    Principal contacts identity provider and is redirected to service provider, principal establishes connection with service provider, service provider validates authentication with identity provider.
  3. C
    Principal contacts identity provider and authenticates, identity provider relays principal to service provider after valid authentication.
  4. D
    Service provider contacts identity provider, identity provider validates principal for service provider, service provider establishes communication with principal.

Correct Answer:
C

Previous Questions Next Questions

All Pages