NSE6_FAC-6.1 Online Practice Questions and Answers

At a minimum, which two configurations are required to enable guest portal services on FortiAuthenticator? (Choose two)

A. Configuring a portal policy

B. Configuring at least on post-login service

C. Configuring a RADIUS client

D. Configuring an external authentication portal

You are the administrator of a large network that includes a large local user datadabase on the current Fortiauthenticatior. You want to import all the local users into a new Fortiauthenticator device.

Which method should you use to migrate the local users?

A. Import users using RADIUS accounting updates.

B. Import the current directory structure.

C. Import users fromRADUIS.

D. Import users using a CSV file.

What happens when a certificate is revoked? (Choose two)

A. Revoked certificates cannot be reinstated for any reason

B. All certificates signed by a revoked CA certificate are automatically revoked

C. Revoked certificates are automatically added to the CRL

D. External CAs will priodically query Fortiauthenticator and automatically download revoked certificates

Which EAP method is known as the outer authentication method?

A. PEAP

B. EAP-GTC

C. EAP-TLS

D. MSCHAPV2

Which two SAML roles can Fortiauthenticator be configured as? (Choose two)

A. Idendity provider

B. Principal

C. Assertion server

D. Service provider

When you are setting up two FortiAuthenticator devices in active-passive HA, which HA role must you select on the masterFortiAuthenticator?

A. Active-passive master

B. Standalone master

C. Cluster member

D. Load balancing master

Which two features of FortiAuthenticator are used for EAP deployment? (Choose two)

A. Certificate authority

B. LDAP server

C. MAC authentication bypass

D. RADIUS server

Which two capabilities does FortiAuthenticator offer when acting as a self-signed or local CA? (Choose two)

A. Validating other CA CRLs using OSCP

B. Importing other CA certificates and CRLs

C. Merging local and remote CRLs using SCEP

D. Creating, signing, and revoking of X.509 certificates

A device or useridentity cannot be established transparently, such as with non-domain BYOD devices, and allow users to create their own credentialis.

In this case, which user idendity discovery method can Fortiauthenticator use?

A. Syslog messaging or SAML IDP

B. Kerberos-base authentication

C. Radius accounting

D. Portal authentication

Which two are supported captive or guest portal authentication methods? (Choose two)

A. Linkedln

B. Apple ID

C. Instagram

D. Email