Refer to the exhibit

Examine the FortiGate RSSO configuration shown in the exhibit
FortiGate is configured to receive RADIUS accounting messages on port3 to authenticate RSSO users The users are located behind port3 and the internet link is connected to port1 FortiGate is processing incoming RADIUS accounting messages successfully and RSSO users are getting associated with the RSSO Group user group However all the users are able to access the internet, and the administrator wants to restrict internet access to RSSO users only Which configuration change should the administrator make to fix the problem?

• A.Enable Security Fabric Connection on port3
• B.Create a second firewall policy from port3 lo port1 and select the target destination subnets
• C.Add RSSO Group to the firewall policy
• D.Change the RADIUS Attribute Value selling to match the name of the RADIUS attribute containing the group membership information of the RSSO users

Comment: *

Name: *

Email: *

Verification: *

An administrator is testing the connectivity for a new VLAN The devices in the VLAN are connected to a FortiSwitch device that is managed by FortiGate Quarantine is disabled on FortiGate While testing the administrator noticed that devices can ping FortiGate and FortiGate can ping the devices The administrator also noticed that inter-VLAN communication works However intra-VLAN communication does not work Which scenario is likely to cause this issue?

• A.The FortiSwitch MAC address table is missing entries
• B.The native VLAN configured on the ports is incorrect
• C.The FortiGate ARP table is missing entries
• D.Access VLAN is enabled on the VLAN

Comment: *

Name: *

Email: *

Verification: *

Where can FortiGate learn the FortiManager IP address or FQDN for zero-touch provisioning'?

• A.From an LDAP server using a simple bind operation
• B.From a TFTP server
• C.From a DHCP server using options 240 and 241
• D.From a DNS server using A or AAAA records

Comment: *

Name: *

Email: *

Verification: *

Refer to the exhibit.

Examine the FortiManager information shown in the exhibit
Which two statements about the FortiManager status are true'' (Choose two)

• A.FortiSwitch manager is working in per-device management mode
• B.FortiSwitch is not authorized
• C.FortiSwitch manager is working in central management mode
• D.FortiSwitch is authorized and offline

Comment: *

Name: *

Email: *

Verification: *

What is the purpose of enabling Windows Active Directory Domain Authentication on FortiAuthenticator?

• A.It enables FortiAuthenticator to use Windows administrator credentials to perform an LDAP lookup for a user search
• B.It enables FortiAuthenticator to use a Windows CA certificate when authenticating RADIUS users
• C.It enables FortiAuthenticator to import users from Windows AD
• D.It enables FortiAuthenticator to register itself as a Windows trusted device to proxy authentication using Kerberos

Comment: *

Name: *

Email: *

Verification: *