1. Home
  2. Fortinet
  3. Fortinet Certified Solution Specialist
  4. FCSS_SASE_AD-25
  5. FCSS - FortiSASE 25 Administrator Questions and Answers

Pass the Fortinet Fortinet Certified Solution Specialist FCSS_SASE_AD-25 Questions and answers with CertsForce

 Fortinet Exams      Go to Exam Detail      Get Premium Access
Viewing page 1 out of 2 pages
Viewing questions 1-10 out of questions
Questions # 1:

What is the recommended method to upgrade FortiClient in a FortiSASE deployment?

Options:
A.

Remote users must upgrade the FortiClient manually.

B.

FortiSASE automatically upgrades FortiClient when a new version is released.

C.

The FortiSASE administrator must assign endpoint groups to an endpoint upgrade rule.

D.

The FortiSASE administrator will upload the desired FortiClient version to the FortiSASE portal and push it to endpoints.

Expert Solution
Questions # 2:

Refer to the exhibit.

Question # 2

Based on the configuration shown, in which two ways will FortiSASE process sessions that require FortiSandbox inspection? (Choose two.)

Options:
A.

Only endpoints assigned a profile for sandbox detection will be processed by the sandbox feature.

B.

FortiClient quarantines only infected files that FortiSandbox detects as medium level.

C.

All files executed on a USB drive will be sent to FortiSandbox for analysis.

D.

All files will be sent to a on-premises FortiSandbox for inspection.

Expert Solution
Questions # 3:

An administrator must restrict endpoints from certain countries from connecting to FortiSASE.

Which configuration can achieve this?

Options:
A.

Configure a network lockdown policy on the endpoint profiles.

B.

Configure a geography address object as the source for a deny policy.

C.

Configure geofencing to restrict access from the required countries.

D.

Configure source IP anchoring to restrict access from the specified countries.

Expert Solution
Questions # 4:

What are two benefits of deploying FortiSASE with FortiGate ZTNA access proxy? (Choose two.)

Options:
A.

It offers data center redundancy.

B.

The on-premises FortiGate performs a device posture check.

C.

It is ideal for latency-sensitive applications.

D.

It supports both agentless ZTNA and agent-based ZTNA.

Expert Solution
Questions # 5:

Which two are required to enable central management on FortiSASE? (Choose two.)

Options:
A.

FortiSASE connector configured on FortiManager.

B.

FortiManager and FortiSASE registered under the same FortiCloud account.

C.

The FortiManager IP address in the FortiSASE central management configuration.

D.

FortiSASE central management entitlement applied to FortiManager.

Expert Solution
Questions # 6:

Which two components are part of onboarding a secure web gateway (SWG) endpoint for secure internet access (SIA)? (Choose two.)

Options:
A.

proxy auto-configuration (PAC) file

B.

FortiSASE certificate authority (CA) certificate

C.

FortiClient software

D.

tunnel policy

Expert Solution
Questions # 7:

Refer to the exhibits.

Question # 7

Question # 7

How will the application vulnerabilities be patched, based on the exhibits provided?

Options:
A.

The vulnerability will be patched automatically based on the endpoint profile configuration.

B.

The vulnerability will be patched by installing the patch from the vendor’s website.

C.

The end user will patch the vulnerabilities using the FortiClient software.

D.

An administrator will patch the vulnerability remotely using FortiSASE.

Expert Solution
Questions # 8:

Which information can an administrator monitor using reports generated on FortiSASE?

Options:
A.

sanctioned and unsanctioned Software-as-a-Service (SaaS) applications usage

B.

FortiClient vulnerability assessment

C.

SD-WAN performance

D.

FortiSASE administrator and system events

Expert Solution
Questions # 9:

Which secure internet access (SIA) use case minimizes individual endpoint configuration?

Options:
A.

Agentless remote user internet access

B.

Site-based remote user internet access

C.

SIA using ZTNA

D.

SIA for FortiClient agent remote users

Expert Solution
Questions # 10:

What can be configured on FortiSASE as an additional layer of security for FortiClient registration?

Options:
A.

security posture tags

B.

application inventory

C.

user verification

D.

device identification

Expert Solution
Viewing page 1 out of 2 pages
Viewing questions 1-10 out of questions