1. Home
  2. Fortinet
  3. NSE 6 Network Security Specialist
  4. NSE6_FAC-6.1
  5. Fortinet NSE 6 - FortiAuthenticator 6.1 Questions and Answers

Pass the Fortinet NSE 6 Network Security Specialist NSE6_FAC-6.1 Questions and answers with CertsForce

 Fortinet Exams      Go to Exam Detail      Get Premium Access
Viewing page 1 out of 1 pages
Viewing questions 1-10 out of questions
Questions # 1:

Which option correctly describes an SP-initiated SSO SAML packet flow for a host without a SAML assertion?

Options:
A.

Service provider contacts idendity provider, idendity provider validates principal for service provider, service provider establishes communication with principal

B.

Principal contacts idendity provider and is redirected to serviceprovider, principal establishes connection with service provider, service provider validates authentication with identify provider

C.

Principal contacts service provider, service provider redirects principal to idendity provider, after succesfull authentication identify provider redirects principal to service provider

D.

Principal contacts idendity provider and authenticates, identity provider relays principal to service provider after valid authentication

Expert Solution
Questions # 2:

Which interface services must be enabled for the SCEP client to connect to Authenticator?

Options:
A.

OCSP

B.

REST API

C.

SSH

D.

HTTP/HTTPS

Expert Solution
Questions # 3:

You are a Wi-Fi provider and host multiple domains. How do you delegate user accounts, user groups and permissions per domain when theyare authenticating on a single FortiAuthenticator device?

Options:
A.

Automatically import hosts from each domain as they authenticate

B.

Create multiple directory trees on FortiAuthenticator

C.

Create realms

D.

Create user groups

Expert Solution
Questions # 4:

Which statement about the guest portal policies is true?

Options:
A.

Guest portal policies apply only to authentication requests coming from unknown RADIUS clients

B.

Guest portal policies can be used only for BYODs

C.

Conditions in the policy apply only to guest wireless users

D.

All conditions in the policy must match before a user is presented with the guest portal

Expert Solution
Questions # 5:

Which FSSO discovery method transparently detects logged off users without having to rely on external features such as WMI polling?

Options:
A.

Windows AD polling

B.

FortiClient SSO Mobility Agent

C.

Radius Accounting

D.

DC Polling

Expert Solution
Questions # 6:

Which three of the following can be used as SSO sources? (Choose three)

Options:
A.

FortiClient SSO Mobility Agent

B.

SSH Sessions

C.

FortiAuthenticator in SAML SP role

D.

Fortigate

E.

RADIUS accounting

Expert Solution
Questions # 7:

Which two statement about the RADIUS service on FortiAuthenticator are true? (Choose two)

Options:
A.

Two-factor authentication cannot be enforced when using RADIUS authentication

B.

RADIUS users can migrated to LDAP users

C.

Only local users can be authenticated through RADIUS

D.

FortiAuthenticator answers only to RADIUS client that are registered with FortiAuthenticator

Expert Solution
Questions # 8:

Which two features of FortiAuthenticator are used for EAP deployment? (Choose two)

Options:
A.

Certificate authority

B.

LDAP server

C.

MAC authentication bypass

D.

RADIUS server

Expert Solution
Questions # 9:

Which two capabilities does FortiAuthenticator offer when acting as a self-signed or local CA? (Choose two)

Options:
A.

Validating other CA CRLs using OSCP

B.

Importing other CA certificates and CRLs

C.

Merging local and remote CRLs using SCEP

D.

Creating, signing, and revoking of X.509 certificates

Expert Solution
Viewing page 1 out of 1 pages
Viewing questions 1-10 out of questions