option
Cuestiones
ayuda
daypo
CREAR TEST
buscar.php

SASE

COMENTARIOS ESTADÍSTICAS RÉCORDS
REALIZAR TEST
Título del Test:
SASE

Descripción:
SASE AD_

Fecha de Creación: 2025/11/26

Categoría: Otros

Número Preguntas: 27

Valoración:(0)
COMPARTE EL TEST
Nuevo ComentarioNuevo Comentario
Comentarios
NO HAY REGISTROS
Temario:

Which two components are part of onboarding a secure web gateway (SWG) endpoint for secure internet access (SIA)? (Choose two.). proxy auto-configuration (PAC) file. FortiSASE certificate authority (CA) certificate. FortiClient software. tunnel policy.

How will the application vulnerabilities be patched, based on the exhibits provided?. The vulnerability will be patched automatically based on the endpoint profile configuration. The vulnerability will be patched by installing the patch from the vendor’s website. The end user will patch the vulnerabilities using the FortiClient software. An administrator will patch the vulnerability remotely using FortiSASE.

When accessing the FortiSASE portal for the first time, an administrator must select data center locations for which three FortiSASE components? (Choose three.). Identity & access management (IAM). Points of presence. Endpoint management. Logging. Sandbox.

Based on the configuration shown, in which two ways will FortiSASE process sessions that require FortiSandbox inspection? (Choose two.). Only endpoints assigned a profile for sandbox detection will be processed by the sandbox feature. FortiClient quarantines only infected files that FortiSandbox detects as medium level. All files executed on a USB drive will be sent to FortiSandbox for analysis. All files will be sent to a on-premises FortiSandbox for inspection.

Which two of the following can release the network lockdown on the endpoint applied by FortiSASE? (Choose two.). When the endpoint connects to the FortiSASE tunnel. When the endpoint is determined as on-net. When the endpoint is rebooted. When the endpoint is determined as compliant using ZTNA tags.

A FortiSASE administrator has configured an antivirus profile in the security profile group and applied it to the internet access policy. Remote users are still able to download the eicar.com-zip file from https://eicar.org. Which configuration on FortiSASE is allowing users to perform the download?. Web filter is allowing the URL. Deep inspection is not enabled. Application control is exempting all the browser traffic. Intrusion prevention is disabled.

Which secure internet access (SIA) use case minimizes individual endpoint configuration?. Agentless remote user internet access. Site-based remote user internet access. SIA using ZTNA. SIA for FortiClient agent remote users.

A company must provide access to a web server through FortiSASE secure private access for contractors. What is the recommended method to provide access?. Configure a TCP access proxy forwarding rule and push it to the contractor FortiClient endpoint. Update the DNS records on the endpoint to access private applications. Publish the web server URL on a bookmark portal and share it with contractors. Update the PAC file with the web server URL and share it with contractors.

What are two benefits of deploying secure private access with SD-WAN? (Choose two.). a direct access proxy tunnel from FortiClient to the on-premises FortiGate. ZTNA posture check performed by the hub FortiGate. support of both TCP and UDP applications. inline security inspection by FortiSASE.

Which two advantages does FortiSASE bring to businesses with microbranch offices that have FortiAP deployed for unmanaged devices? (Choose two.). It secures internet access both on and off the network. It uses zero trust network access (ZTNA) tags to perform device compliance checks. It eliminates the requirement for an on-premises firewall. It simplifies management and provisioning.

In a FortiSASE secure web gateway (SWG) deployment, which two features protect against web-based threats? (Choose two.). SSL deep inspection for encrypted web traffic. malware protection with sandboxing capabilities. web application firewall (WAF) for web applications. intrusion prevention system (IPS) for web traffic.

In the Secure Private Access (SPA) use case, which two FortiSASE features facilitate access to corporate applications? (Choose two.). cloud access security broker (CASB). SD-WAN. zero trust network access (ZTNA). thin edge.

Which statement best describes the Digital Experience Monitor (DEM) feature on FortiSASE?. It provides end-to-end network visibility from all the FortiSASE security PoPs to a specific SaaS application. It gathers all the vulnerability information from all the FortiClient endpoints. It is used for performing device compliance checks on endpoints. It monitors the FortiSASE POP health based on ping probes.

An organization must block user attempts to log in to non-company resources while using Microsoft Office 365 to prevent users from accessing unapproved cloud resources. Which FortiSASE feature can you implement to meet this requirement?. application control with inline-CASB. data loss prevention (DLP) with Microsoft Purview Information Protection (MPIP). web filter with inline-CASB. DNS filter with domain filter.

An administrator must restrict endpoints from certain countries from connecting to FortiSASE. Which configuration can achieve this?. Configure a network lockdown policy on the endpoint profiles. Configure a geography address object as the source for a deny policy. Configure geofencing to restrict access from the required countries. Configure source IP anchoring to restrict access from the specified countries.

What is required to enable the MSSP feature on FortiSASE?. Role-based access control (RBAC) must be assigned to identity and access management (IAM) users using the FortiCloud IAM portal. The MSSP add-on license must be applied to FortiSASE. MSSP user accounts and permissions must be configured on the FortiSASE portal. Multi-tenancy must be enabled on the FortiSASE portal.

Which two components are part of onboarding a secure web gateway (SWG) endpoint for secure internet access (SIA)? (Choose two.). proxy auto-configuration (PAC) file. FortiSASE certificate authority (CA) certificate. FortiClient software. tunnel policy.

Which two advantages does FortiSASE bring to businesses with microbranch offices that have FortiAP deployed for unmanaged devices? (Choose two.). It secures internet access both on and off the network. It uses zero trust network access (ZTNA) tags to perform device compliance checks. It eliminates the requirement for an on-premises firewall. It simplifies management and provisioning.

Which information can an administrator monitor using reports generated on FortiSASE?. sanctioned and unsanctioned Software-as-a-Service (SaaS) applications usage. FortiClient vulnerability assessment. SD-WAN performance. FortiSASE administrator and system events.

Which information does FortiSASE use to bring network lockdown into effect on an endpoint?. Zero-day malware detection on endpoint. The number of critical vulnerabilities detected on the endpoint. The security posture of the endpoint based on ZTNA tags. The connection status of the tunnel to FortiSASE.

Which two purposes is the dedicated IP address used for in a FortiSASE deployment? (Choose two.). For user access control to FortiSASE. For allocation and assignment of unique IP addresses to remote users. For regulatory compliance. For isolation and identification.

What can be configured on FortiSASE as an additional layer of security for FortiClient registration?. security posture tags. application inventory. user verification. device identification.

Your organization is currently using FortiSASE for its cybersecurity. They have recently hired a contractor who will work from the HQ office and who needs temporary internet access in order to set up a web-based point of sale (POS) system. What is the recommended way to provide internet access to the contractor?. Use zero trust network access (ZTNA) and tag the client as an unmanaged endpoint. Use the self-registration portal on FortiSASE to grant internet access. Use a tunnel policy with a contractors user group as the source on FortiSASE to provide internet access. Use a proxy auto-configuration (PAC) file and provide secure web gateway (SWG) service as an explicit web proxy.

A FortiSASE administrator has configured FortiSASE as a spoke to a FortiGate hub. The tunnel is up to the FortiGate hub. However, the remote FortiClient is not able to access the web server hosted behind the FortiGate hub. Based on the exhibits, what is the reason for the access failure?. A private access policy has denied the traffic because of failed compliance. The hub is not advertising the required routes. The hub firewall policy does not include the FortiClient address range. The server subnet BGP route was not received on FortiSASE.

A customer wants to ensure secure access for private applications for their users by replacing their VPN. Which two SASE technologies can you use to accomplish this task? (Choose two.). zero trust network access (ZTNA). secure SD-WAN. secure web gateway (SWG) and cloud access security broker (CASB). SD-WAN on-ramp.

Which two additional features does FortiClient integration provide with FortiSASE, when compared to secure web gateway (SWG) deployment? (Choose two.). vulnerability management. device posture check. inline-CASB protection. SSL inspection.

What is the benefit of SD-WAN on-ramp deployment with FortiSASE?. To provide access to private applications using the bookmark portal. To provide device compliance checks using ZTNA tags. To secure internet traffic for branch users. To manage branch location endpoints.
Denunciar Test