avemaria

An administrator must perform an initial deployment of FortiClient on domain-joined endpoints. Which method is recommended for the deployment?. Send an email to all domain users including the FortiClient installer. Import domain endpoints on FortiClient EMS and deploy FortiClient installers to the endpoints. Configure domain endpoints to download installers directly from FortiClient cloud service. Use Group Policy Object (GPO) to install FortiClient on domain endpoints.

When multitenancy is enabled on FortiClient EMS, which administrator role can provide access to the global site only?. Tenant administrator. Settings administrator. Standard administrator. Global administrator.

The zero trust network access (ZTNA) serial number on endpoint br-pc-1 is in a disabled state. What is causing the problem?. The ZTNA feature is not installed on FortiClient. The ZTNA destinations endpoint profile is disabled. The ZTNA is disabled due to FortiClient disconnected from FortiClient EMS. The ZTNA certificate has been revoked by administrator.

Why is the endpoint tagged as indicator of compromise (IOC) suspicious?. The endpoint hq-pc-1 is tagged with the security posture tag IOC suspicious. The FortiClient EMS fabric connector is configured on FortiAnalyzer. The FortiClient EMS administrator manually tagged it using the console. The administrator student1 on FortiAnalyzer executed the playbook.

Which statement applies to the EMS server certificate configuration shown in the exhibit?. The FortiCare certificate is used by FortiClient EMS to inspect SSL traffic for Chromebooks. The FortiCare certificate is used to encrypt telemetry communication with the endpoints. The FortiCare certificate is used to sign certificate requests from endpoints for zero trust network access (ZTNA). The FortiCare certificate is used for communication with FortiGate as part of the Security Fabric.

An administrator must deploy FortiClient for an organization that has BYOD and remote users. What can the administrator use to deploy FortiClient?. FortiClient zero-touch provisioning. Microsoft System Center Configuration Manager (SCCM). Microsoft Intune. Group policy Object (GPO).

The security team plans to leverage their existing Fortinet Security Fabric infrastructure to create an automated response capability to isolate compromised endpoints. Their environment consists of FortiClient EMS, FortiGate firewalls, and FortiAnalyzer. Which two configurations are required to quarantine endpoints based on indicator of compromise (IOC) verdicts from the security fabric deployment? (Choose two.). A FortiAnalyzer playbook configured to notify FortiGate about IOC incidents. An automation stitch configured on FortiGate for host quarantine. FortiClient configured to send traffic and security logs to FortiAnalyzer. The IOC feature enabled in the malware endpoint protection profile.

FortiGate has lost connectivity with FortiClient EMS. What is causing this problem?. FortiGate is not able to reach the IP address or FQDN of the FortiClient EMS server. FortiGate is not able to verify the FortiClient EMS serial number. FortiGate is not able to establish trust using the FortiClient EMS CA certificate. FortiGate is not able to reach FortiClient EMS on telemetry port 8013.

An administrator notes that no new endpoint data is populated on FortiGate. What is the possible issue?. The FortiGate connector port is being blocked on FortiClient EMS server. The FortiClient EMS CA certificate is not trusted on FortiGate. FortiGate is not able to reach FortiClient EMS on telemetry port 8013. FortiGate is not able to reach the IP address or FQDN of the FortiClient EMS server.

Why is the end user denied access to twitter.com?. They are being blocked by the application firewall endpoint profile. They are being blocked by the exclusion list in the web filter endpoint profile. They are being blocked by FortiGuard categories in the web filter endpoint profile. They are being blocked by the deny list in the malware protection endpoint profile.

Which two statements apply to FortiClient forensics analysis? (Choose two.). FortiClient sends an alert notification when malicious activity is triggered. The administrator must request analysis for the desired endpoint. The endpoint is quarantined until forensics is completed. Forensics analysis features must be enabled in the system settings profile.

Which two statements about FortiClient EMS integration with Active Directory (AD) are true? (Choose two.). FortiClient EMS has full read-write access on the AD server. FortiClient installations on domain endpoints can deployed from FortiClient EMS. Endpoint profiles can be assigned to endpoints based on domain groups. Imported AD endpoints cannot be directly deleted on FortiClient EMS.

An administrator has lost web access to the FortiClient EMS console, and the web page to access to the console is timing out. How can the administrator gather information to investigate the issue?. Use the CLI diagnostic tool on the EMS server. Download the webserver logs from the PostgreSQL server. Use the diagnostic logs option from the FortiClient EMS GUI. Download the log generator from the support site and run it on the EMS server.

Why is the user not able to access bbc.com?. The URL is blocked by the web filter endpoint profile. The endpoint cannot resolve the URL FQDN. FortiGuard servers are not reachable from the endpoint. The application firewall is blocking Google Chrome.

What establishes device identity and trust in a zero trust network access (ZTNA) deployment?. device fingerprinting. public key infrastructure (PKI). FortiClient connection key. token-based authentication.

An administrator must inspect the dropbox Software-as-a-Service (SaaS) traffic on FortiGate for offnet FortiClient users. Which configuration will achieve this?. Configure the ZTNA server on FortiGate with service HTTPS. Enable the cloud access security broker (CASB) feature in a web filter endpoint profile. Create a standard firewall policy with inline-CASB enabled and dropbox as destination. Add dropbox to the zero trust network access (ZTNA) destinations endpoint profile on FortiClient EMS.

Antivirus software is installed on a Windows 10 endpoint, but the windows application firewall is stopping it from running. Which action will FortiClient take on the endpoint?. FortiClient will quarantine the endpoint until compliant. FortiClient will tag the endpoint as non-compliant. FortiClient will notify the user to enable antivirus. FortiClient telemetry will be disconnected because of failed compliance.