When you configure a FortiAP wireless interface for auto TX power control which statement describes how it configures its transmission power"?

• A.Every 30 seconds FortiGate measures the signal strength of the weakest associated client The AP will then configure its radio power to match the detected signal strength of the client
• B.Every 30 seconds FortiGate measures the signal strength of adjacent AP interfaces It will adjust its own AP power to match the adjacent AP signal strength
• C.Every 30 seconds the AP will measure the signal strength of the AP using the client The AP will adjust its signal strength up or down until the AP signal is detected at -70 dBm
• D.Every 30 seconds FortiGate measures the signal strength of adjacent FortiAP interfaces It will adjust the adjacent AP power to be detectable at -70 dBm

Comment: *

Name: *

Email: *

Verification: *

Which CLI command should an administrator use to view the certificate verification process in real time?

• A.diagnose debug application foauthd -1
• B.diagnose debug application radiusd -1
• C.diagnose debug application authd -1
• D.diagnose debug application fnbamd -1

Comment: *

Name: *

Email: *

Verification: *

Refer to the exhibit. Examine the RADIUS server configuration shown in the exhibit.
An administrator has configured a RADIUS server on FortiGate that points to FortiAuthenticator.
FortiAuthenticator is acting as an authentication proxy and is configured to relay all authentication requests to a remote Windows AD server using LDAP.
While testing the configuration, the administrator noticed that the diagnose test authserver command worked with PAP; however, authentication requests failed when using MSCHAP2.
Which two solutions can the administrator implement to get MSCHAP2 authentication to work?
(Choose two.)

• A.On FortiAuthenticator enable Windows Active Directory Domain Authentication to add FortiAuthenticator to the Windows domain
• B.On FortiGate configure the NAS IP setting on the RADIUS server
• C.On FortiAuthenticator change the back-end authentication server from LDAP to RADIUS
• D.On FortiGate update the Secret setting on the RADIUS server

Comment: *

Name: *

Email: *

Verification: *

An administrator is testing the connectivity for a new VLAN The devices in the VLAN are connected to a FortiSwitch device that is managed by FortiGate Quarantine is disabled on FortiGate While testing the administrator noticed that devices can ping FortiGate and FortiGate can ping the devices The administrator also noticed that inter-VLAN communication works However intra-VLAN communication does not work Which scenario is likely to cause this issue?

• A.The FortiGate ARP table is missing entries
• B.The native VLAN configured on the ports is incorrect
• C.The FortiSwitch MAC address table is missing entries
• D.Access VLAN is enabled on the VLAN

Comment: *

Name: *

Email: *

Verification: *

Refer to the exhibit

Examine the FortiGate RSSO configuration shown in the exhibit
FortiGate is configured to receive RADIUS accounting messages on port3 to authenticate RSSO users The users are located behind port3 and the internet link is connected to port1 FortiGate is processing incoming RADIUS accounting messages successfully and RSSO users are getting associated with the RSSO Group user group However all the users are able to access the internet, and the administrator wants to restrict internet access to RSSO users only Which configuration change should the administrator make to fix the problem?

• A.Change the RADIUS Attribute Value selling to match the name of the RADIUS attribute containing the group membership information of the RSSO users
• B.Add RSSO Group to the firewall policy
• C.Enable Security Fabric Connection on port3
• D.Create a second firewall policy from port3 lo port1 and select the target destination subnets

Comment: *

Name: *

Email: *

Verification: *