Summer Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: pass65

Discussions
  1. Home
  2. Fortinet
  3. Fortinet Network Security Expert
  4. FCP_FAC_AD-6.5
  5. FCP - FortiAuthenticator 6.5 Administrator Questions and Answers

Pass the Fortinet Network Security Expert FCP_FAC_AD-6.5 Questions and answers with ValidTests

Exam FCP_FAC_AD-6.5 All Questions
Exam FCP_FAC_AD-6.5 Premium Access

View all detail and faqs for the FCP_FAC_AD-6.5 exam

Go to Exam
Viewing page 1 out of 1 pages
Viewing questions 1-10 out of questions
Questions # 1:

An administrator has just learned that an intermediate CA certificate signed by a FortiAuthenticator device acting as the Root CA has been compromised.

Which two steps should the administrator take to resolve the security issue? (Choose two.)

Options:

A.

Revoke the Intermediate certificate so it is added to the CRL of the Root CA.

B.

Revoke all end-system and end-user certificates that this compromised intermediate CA has signed.

C.

Create a new intermediate certificate with the same private key.

D.

Update the OCSP responder URLs for the certificate.

Expert Solution
Questions # 2:

Which option correctly describes an SP-initiated SSO SAML packet flow for a host without a SAML assertion?

Options:

A.

Principal contacts identity provider and authenticates, identity provider relays principal to service provider after valid authentication

B.

Service provider contacts identity provider, identity provider validates principal for service provider, service provider establishes communication with principal

C.

Principal contacts identity provider and is redirected to service provider, principal establishes connection with service provider, service provider validates authentication with identity provider

D.

Principal contacts service provider, service provider redirects principal to identity provider, after successful authentication identity provider redirects principal to service provider

Expert Solution
Questions # 3:

You are a FortiAuthenticator administrator for a large organization. Users who are configured to use FortiToken 200 for two-factor authentication can no longer authenticate. You have verified that only the users with two-factor authentication are experiencing the issue.

What can cause this issue?

Options:

A.

Time drift between FortiAuthenticator and hardware tokens

B.

The seed value on the tokens was incorrectly updated

C.

Token certificate was added to a CRL

D.

FortiAuthenticator has lost contact with the FortiCloud token provisioning servers

Expert Solution
Questions # 4:

A network administrator is using FortiAuthenticator as their RADIUS server for wired and wireless network access. The administrator wants to pass the users' group information back to the RADIUS clients when the users authenticate.

How does FortiAuthenticator accomplish this?

Options:

A.

RADIUS attributes

B.

RADIUS accounting

C.

Syslog messages

D.

REST API

Expert Solution
Questions # 5:

When creating an administrative user, what capabilities does the Web service access option provide?

Options:

A.

Access to the administrative GUI from outside the local subnet

B.

Management of enabled web services on the FortiAuthenticator interface

C.

Access to web services using the REST API

D.

Provides management access for all portal service configurations

Expert Solution
Questions # 6:

Which two statements about asymmetric cryptography are true? (Choose two.)

Options:

A.

Private keys are distributed in the server's digital certificates

B.

It distributes key pairs to both the client and the server

C.

The public key can be openly distributed

D.

It uses a mathematically linked public and private key pair

Expert Solution
Questions # 7:

Refer to the exhibit.

Question # 7

Examine the RADIUS policy configuration shown in the exhibit. A user attempts to authenticate by entering the usernamejdoe@example.comand their password.

Which realm will the user be authenticated against?

Options:

A.

Corp-2, but only if the user has a local account

B.

Corporate

C.

Local

D.

Local, but only if the account is a member of the FWAdmins group

Expert Solution
Questions # 8:

Which FSSO discovery method transparently detects logged off users without having to rely on external features such as WMI polling?

Options:

A.

RADIUS accounting

B.

FortiClient SSO mobility agent

C.

DC polling

D.

Windows AD polling

Expert Solution
Questions # 9:

When performing a remote LDAP server integration with FortiAuthenticator, how do server type templates assist with the integration?

Options:

A.

They autopopulate the simple and regular bind settings.

B.

They automatically set the LDAP user auto provisioning settings.

C.

They populate the query element fields with defined attribute and class values.

D.

They define the connection security and domain authentication settings for each LDAP server you integrate with.

Expert Solution
Viewing page 1 out of 1 pages
Viewing questions 1-10 out of questions