NSE6_FNC-7.2 Fortinet NSE 6 - FortiNAC 7.2 Questions and Answers

Forced Quarantine, study guide 7.2 pag 245 and 248

DirectDefense’s analysis of FireEye Endpoint attests that the products help meet the HIPAA Security Rule.

In the menu on the left click the + sign next to Endpoint Compliance to open it.

In an isolation VLAN, FortiNAC supplies DHCP and DNS services. The guide specifies that FortiNAC has a DHCP scope defined for a particular VLAN and should be the only DHCP server available to hosts on that VLAN. Additionally, hosts on the VLAN would get a DNS server configuration of the FortiNAC IP for that VLAN

The exhibit shows a configuration panel where VLAN IDs are specified for different states, such as Default, Registration, and Authentication. When forcing the registration of unknown (rogue) hosts, if an unknown host connects to a port on the switch, the FortiNAC system will move the host to the VLAN designated for Registration. In the exhibit, the VLAN ID for Registration is set to 111, hence the host would be moved to VLAN 111 to undergo the registration process.

Device profiling rules in FortiNAC are used to evaluate and classify rogue devices. These rules can be configured to automatically, manually, or through sponsorship evaluate and classify unknown untrusted devices as they are identified and created​​.

References

FortiNAC 7.2 Study Guide, page 98

To gather a list of installed applications and application details from a host, two methods can be used:

Agent technology: FortiNAC uses agent technology to collect all installed applications on an endpoint.

Integration with MDMs (Mobile Device Management systems): MDMs that support application gathering can be integrated with FortiNAC to collect application information​​.

References

FortiNAC 7.2 Study Guide, page 302

In systems like FortiNAC, when a port is designated to be in multiple enforcement groups, it is common for only the higher-priority or higher-ranked group's policies to be applied. This is to prevent conflicting enforcement actions from being attempted on the same port. Although the specific details of the priority or ranking system are not provided in the extracted references, the principle of hierarchical policy enforcement suggests that only the policies of the higher-ranked group would be applied to the port.

References

FortiNAC documentation would typically outline this behavior in sections discussing port group enforcement or policy application.

Looking at the provided exhibit which shows the Modify User/Host Profile window, the following must be true for a host to match the user/host profile:

The host must be connected to a port within the "Building 1 First Floor Ports" group.

The host must fulfill at least one of the following attributes:

Have a role value of "Contractor"

Have an installed persistent agent with the security and access value of "Contractor"

The host must be connected between the specified times of 6 AM and 5 PM on any day of the week.

The profile specifies that the host can match the profile by having any one of the listed attributes (Role as Contractor, Persistent Agent installed with specific security & access value), and the time condition must also be met. Therefore, the correct answer is D, which includes "or" conditions for the role value and persistent agent and specifies the correct time frame.

Network Access policies as a common type of policy in FortiNAC, used to dynamically provision access to connecting endpoints. While Authentication is typically a policy type in network access control systems like FortiNAC

The command and output shown in the exhibit indicate that the host FortiNAC-Secondary is referencing FortiNAC-Primary, and it states "Slave is active." In database replication terminology within a high availability setup, the term "Slave is active" typically means that the secondary server (slave) is actively receiving data from the primary server (master). This implies that the synchronization process from the primary to the secondary database has been successful and is currently active​​.

References

FortiNAC 7.2 Study Guide, Security Policies section