Pre-Winter Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: pass65

  1. Home
  2. Fortinet
  3. Fortinet Certified Solution Specialist
  4. FCSS_SASE_AD-25
  5. FCSS - FortiSASE 25 Administrator Questions and Answers

Pass the Fortinet Fortinet Certified Solution Specialist FCSS_SASE_AD-25 Questions and answers with CertsForce

 Fortinet Exams      Go to Exam Detail      Get Premium Access
Viewing page 1 out of 2 pages
Viewing questions 1-10 out of questions
Questions # 1:

Which two purposes is the dedicated IP address used for in a FortiSASE deployment? (Choose two.)

Options:
A.

For user access control to FortiSASE

B.

For allocation and assignment of unique IP addresses to remote users

C.

For regulatory compliance

D.

For isolation and identification

Expert Solution
Questions # 2:

Which two components are part of onboarding a secure web gateway (SWG) endpoint for secure internet access (SIA)? (Choose two.)

Options:
A.

proxy auto-configuration (PAC) file

B.

FortiSASE certificate authority (CA) certificate

C.

FortiClient software

D.

tunnel policy

Expert Solution
Questions # 3:

Which description of the FortiSASE inline-CASB component is true?

Options:
A.

It has limited visibility when data is transmitted.

B.

It detects data in motion.

C.

It is placed outside the traffic path.

D.

It relies on API to integrate with cloud services.

Expert Solution
Questions # 4:

Refer to the exhibit.

Question # 4

While reviewing the traffic logs, the FortiSASE administrator notices that the usernames are showing random characters.

Why are the usernames showing random characters?

Options:
A.

Log anonymization is turned on to hash usernames.

B.

Special characters are used in usernames.

C.

Users are using a shared single sign-on SSO username.

D.

FortiSASE uses FortiClient unique identifiers for usernames.

Expert Solution
Questions # 5:

A company must provide access to a web server through FortiSASE secure private access for contractors.

What is the recommended method to provide access?

Options:
A.

Configure a TCP access proxy forwarding rule and push it to the contractor FortiClient endpoint.

B.

Update the DNS records on the endpoint to access private applications.

C.

Publish the web server URL on a bookmark portal and share it with contractors.

D.

Update the PAC file with the web server URL and share it with contractors.

Expert Solution
Questions # 6:

What is required to enable the MSSP feature on FortiSASE?

Options:
A.

Role-based access control (RBAC) must be assigned to identity and access management (IAM) users using the FortiCloud IAM portal.

B.

The MSSP add-on license must be applied to FortiSASE.

C.

MSSP user accounts and permissions must be configured on the FortiSASE portal.

D.

Multi-tenancy must be enabled on the FortiSASE portal.

Expert Solution
Questions # 7:

Refer to the exhibits.

Question # 7

Question # 7

Question # 7

Question # 7

A FortiSASE administrator has configured FortiSASE as a spoke to a FortiGate hub. The tunnel is up to the FortiGate hub. However, the remote FortiClient is not able to access the web server hosted behind the FortiGate hub.

Based on the exhibits, what is the reason for the access failure?

Options:
A.

A private access policy has denied the traffic because of failed compliance

B.

The hub is not advertising the required routes.

C.

The hub firewall policy does not include the FortiClient address range.

D.

The server subnet BGP route was not received on FortiSASE.

Expert Solution
Questions # 8:

Refer to the exhibit.

Question # 8

The daily report for application usage for internet traffic shows an unusually high number of unknown applications by category.

What are two possible explanations for this? (Choose two.)

Options:
A.

Certificate inspection is not being used to scan application traffic.

B.

Deep inspection is not being used to scan traffic.

C.

The private access policy must be to set to log Security Events.

D.

The inline-CASB application control profile does not have application categories set to Monitor.

Expert Solution
Questions # 9:

What are two benefits of deploying FortiSASE with FortiGate ZTNA access proxy? (Choose two.)

Options:
A.

It offers data center redundancy.

B.

The on-premises FortiGate performs a device posture check.

C.

It is ideal for latency-sensitive applications.

D.

It supports both agentless ZTNA and agent-based ZTNA.

Expert Solution
Questions # 10:

Refer to the exhibits.

Question # 10

Question # 10

Antivirus is installed on a Windows 10 endpoint, but the windows application firewall is stopping it from running.

What will the endpoint security posture check be?

Options:
A.

FortiClient will tag the endpoint as FortiSASE-Non-Compliant.

B.

FortiClient will be unmanaged from FortiSASE due to failed compliance.

C.

FortiClient will trigger network lockdown on the endpoint.

D.

FortiClient will prompt the user to enable antivirus.

Expert Solution
Viewing page 1 out of 2 pages
Viewing questions 1-10 out of questions