Fortinet fcp fct ad 7 2 practice test

An administrator must add an authentication server on FortiClient EMS in a different security zone that cannot allow a direct connection.
Which solution can provide secure access between FortiClient EMS and the Active Directory server?

• A. Configure and deploy a FortiGate device between FortiClient EMS and the Active Directory server.
• B. Configure Active Directory and install FortiClient EMS on the same VM.
• C. Configure a slave FortiClient EMS on a virtual machine.
• D. Configure an Active Directory connector between FortiClient EMS and the Active Directory server.

Refer to the exhibit, which shows FortiClient EMS deployment profiles.

When an administrator creates a deployment profile on FortiClient EMS, which statement about the deployment profile is true?

• A. Deployment-2 will upgrade FortiClient on both the AD group and workgroup.
• B. Deployment-1 will install FortiClient on new AD group endpoints.
• C. Deployment-2 will install FortiClient on both the AD group and workgroup.
• D. Deployment-1 will upgrade FortiClient only on the workgroup.

Which two statements are true about ZTNA? (Choose two.)

• A. ZTNA manages access for remote users only.
• B. ZTNA provides role-based access.
• C. ZTNA provides a security posture check.
• D. ZTNA manages access through the client only.

When site categories are disabled in FortiClient web filter, which feature can be used to protect the endpoint from malicious web access?

• A. Real-time protection list
• B. Block malicious websites on antivirus
• C. FortiSandbox URL list
• D. Web exclusion list

Which two are benefits of using multi-tenancy mode on FortiClient EMS? (Choose two.)

• A. Separate host servers manage each site.
• B. Licenses are shared among sites.
• C. The fabric connector must use an IP address to connect to FortiClient EMS.
• D. It provides granular access and segmentation.

Refer to the exhibit.

Based on the FortiClient logs shown in the exhibit, which endpoint profile policy is currently applied to the FortiClient endpoint from the EMS server?

• A. Fortinet-Training
• B. Default configuration policy
• C. Compliance rules default
• D. Default

An administrator installs FortiClient EMS in the enterprise.
Which component is responsible for enforcing protection and checking security posture?

• A. FortiClient EMS tags
• B. FortiClient vulnerability scan
• C. FortiClient
• D. FortiClient EMS

An administrator wants to simplify remote access without asking users to provide user credentials.
Which access control method provides this solution?

• A. ZTNA full mode
• B. SSL VPN
• C. L2TP
• D. ZTNA IP/MAC filtering mode

Refer to the exhibit.

Based on the FortiClient log details shown in the exhibit, which two statements are true? (Choose two.)

• A. The filename is Unconfirmed 899290.crdownload.
• B. The file status is Quarantined.
• C. The filename is sent to FortiSandbox for further inspection.
• D. The file location is \??\D:\Users\.

A FortiClient EMS administrator has enabled the compliance rule for the sales department.
Which Fortinet device will enforce compliance with dynamic access control?

• A. FortiClient
• B. FortiClient EMS
• C. FortiGate
• D. FortiAnalyzer