Free Fortinet NSE7_SAC-6.2 Exam Dumps Questions & Answers

Refer to the exhibit.

Examine the packet capture shown in the exhibit, which contains a RADIUS access request packet sent by FortiSwitch to a RADIUS server.
Why does the User-Name field in the RADIUS access request packet contain a MAC address?

• A.  The connected device is doing machine authentication
• B.  The FortiSwitch interface is configured for 802 IX port authentication with MAC address bypass, andthe connected device does not support 802.1X.
• C.  FortiSwitch is replying to an access challenge packet sent by the RADIUS server and requesting the client MAC address.
• D.  FortiSwitch authenticates itself using its MAC address as the user name.

Which step can be taken to ensure that only FortiAP devices receive IP addresses from a DHCP server on FortiGate?

• A.  Change the interface addressing mode toFortiAP devices.
• B.  Use DHCP option 138 to assign IPs to FortiAP devices.
• C.  Create a reservation list in the DHCP server settings.
• D.  Configure a VCI string value of FortiAP in the DHCP server settings.

Which CLI command should an administrator use to view the certificate validation process in real-time?

• A.  diagnose debug application fnbamd -1
• B.  diagnose debug application certd -1
• C.  diagnose debug application authd -1
• D.  diagnose debug application foauthd -1

Refer to the exhibit showing certificate values.

Wireless guest users are unable to authenticate because they are getting a certificate error while loading the captive portal login page This URL string is the HTTPS POST URL guest wireless users see when attempting to access the network using the web browser:

Which two settings are the likely causes of the issue? (Choose two.)

• A.  The external server FQDN is incorrect.
• B.  The FortiGate authentication interface address is using Hi IPS.
• C.  The wireless user's browser is missing a CA certificate.
• D.  The user address is not in DDNS form.