Refer to the exhibit. Examine the FortiGate RSSO configuration shown in the exhibit.
FortiGate is configured to receive RADIUS accounting messages on port3 to authenticate RSSO users. The users are located behind port3, and the internet link is connected to port1. FortiGate is processing incoming RADIUS accounting messages successfully, and RSSO users are getting associated with the RSSO Group user group. However, all the users are able to access the internet, and the administrator wants to restrict internet access to RSSO users only.
Which configuration change should the administrator make to fix the problem?

• A.Change the RADIUS Attribute Value selling to match the name of the RADIUS attribute containing the group membership information of the RSSO users
• B.Add RSSO Group to the firewall policy
• C.Enable Security Fabric Connection on port3
• D.Create a second firewall policy from port3 lo port1 and select the target destination subnets

Comment: *

Name: *

Email: *

Verification: *

Which two statements about FortiSwitch manager are true1? (Choose two)

• A.Per-device management is the default management mode on FortiManager
• B.FortiManager obtains the FortiSwitch status information by querying the FortiGate REST API every three minutes
• C.If the administrator makes any changes on FortiSwitch manager they must also install those changes on FortiGate so that those changes are applied on the managed switches
• D.Any switch discovered or authorized on FortiGate must be added manually on FortiSwitch manager

Comment: *

Name: *

Email: *

Verification: *

Refer to the exhibit.

Examine the debug output shown in the exhibit
Which two statements about the RADIUS debug output are true'' (Choose two)

• A.The user student belongs to the SSLVPN group
• B.User authentication failed
• C.The RADIUS server sent a vendor-specific attribute in the RADIUS response
• D.User authentication succeeded using MSCHAP

Comment: *

Name: *

Email: *

Verification: *

Refer to the exhibit. Examine the LDAP server configuration shown in the exhibit. Note that the Username setting has been expanded to display its full content.
On the Windows AD server 10.0.1.10, the administrator used dsquery, which returned the following output:
>dsquery user -samid student
"CN=student,CN=Users,DC=trainingAD,DC=training,DC=lab"
According to the output, which FortiGate LDAP setting is configured incorrectly?

• A.Common Name Identifier
• B.Bind Type
• C.Distinguished Name
• D.Username

Comment: *

Name: *

Email: *

Verification: *

Which two statements about FortiSwitchmanager are true1? (Choose two)

• A.Per-device management is the default management mode on FortiManager
• B.FortiManager obtains the FortiSwitch status information by querying the FortiGate REST API every three minutes
• C.If the administrator makes any changes on FortiSwitch manager they must also install those changes on FortiGate so that those changes are applied on the managed switches
• D.Any switch discovered or authorized on FortiGate must be added manually on FortiSwitch manager

Comment: *

Name: *

Email: *

Verification: *