New Year Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: simple70

  1. Home
  2. Fortinet
  3. NSE 7 Network Security Architect
  4. NSE7_LED-7.0
  5. Fortinet NSE 7 - LAN Edge 7.0 Questions and Answers

Pass the Fortinet NSE 7 Network Security Architect NSE7_LED-7.0 Questions and answers with CertsForce

 Fortinet Exams      Go to Exam Detail      Get Premium Access
Viewing page 2 out of 2 pages
Viewing questions 11-20 out of questions
Questions # 11:

Refer to the exhibits.

Question # 11

Examine the LDAP server configuration and output shown in the exhibits.

Question # 11

Note that the Distinguished Name and Username settings on the LDAP server configuration have been expanded to display their full contents.

An LDAP user named student cannot authenticate. While testing the student account, the administrator gets the CLI output shown in the exhibit.

According to the output, which FortiGate LDAP server settings must the administrator check?

Options:
A.

Distinguished Name

B.

Bind Type

C.

Common Name Identifier

D.

Username

Expert Solution
Questions # 12:

When you configure a FortiAP wireless interface for auto TX power control which statement describes how it configures its transmission power"?

Options:
A.

Every 30 seconds the AP will measure the signal strength of the AP using the client The AP will adjust its signal strength up or down until the AP signal is detected at -70 dBm

B.

Every 30 seconds FortiGate measures the signal strength of adjacent AP interfaces It will adjust its own AP power to match the adjacent AP signal strength

C.

Every 30 seconds FortiGate measures the signal strength of adjacent FortiAP interfaces It will adjust the adjacent AP power to be detectable at -70 dBm

D.

Every 30 seconds FortiGate measures the signal strength of the weakest associated client The AP will then configure its radio power to match the detected signal strength of the client

Expert Solution
Questions # 13:

Refer to the exhibit.

Question # 13

Examine the FortiSwitch security policy shown in the exhibit

If the security profile shown in the exhibit is assigned to all ports on a FortiSwitch device for 802 1X authentication which statement about the switch is correct?

Options:
A.

FortiSwitch cannot authenticate multiple devices connected to the same port

B.

FortiSwitch will try to authenticate non-802 1X devices using the device MAC address as the username and password

C.

FortiSwitch will assign non-802 1X devices to the onboarding VLAN

D.

All EAP messages will be terminated on FortiSwitch

Expert Solution
Questions # 14:

Refer to the exhibit.

Question # 14

Examine the partial debug output shown in the exhibit.

Question # 14

Which two statements about the debug output are true? (Choose1 two.)

Options:
A.

The LDAP DN search did not match any LDAP user.

B.

The credentials provided for student are correct.

C.

The Training-Lab LDAP server is configured to use regular bind.

D.

The connection to the Training-Lab LDAP server timed out.

Expert Solution
Questions # 15:

Refer to the exhibit

Question # 15

Examine the FortiGate RSSO configuration shown in the exhibit

FortiGate is configured to receive RADIUS accounting messages on port3 to authenticate RSSO users The users are located behind port3 and the internet link is connected to port1 FortiGate is processing incoming RADIUS accounting messages successfully and RSSO users are getting associated with the RSSO Group user group However all the users are able to access the internet, and the administrator wants to restrict internet access to RSSO users only

Which configuration change should the administrator make to fix the problem?

Options:
A.

Change the RADIUS Attribute Value selling to match the name of the RADIUS attribute containing the group membership information of the RSSO users

B.

Add RSSO Group to the firewall policy

C.

Enable Security Fabric Connection on port3

D.

Create a second firewall policy from port3 lo port1 and select the target destination subnets

Expert Solution
Questions # 16:

You are investigating a report of poor wireless performance in a network that you manage. The issue is related to an AP interface in the 5 GHz range You are monitoring the channel utilization over time.

What is the recommended maximum utilization value that an interface should not exceed?

Options:
A.

85%

B.

95%

C.

75%

D.

65%

Expert Solution
Questions # 17:

Refer to the exhibits

Question # 17

The exhibits show the wireless network (VAP) SSID profiles defined on FortiManager and an AP profile assigned to a group of APs that are supported by FortiGate

None of the APs are broadcasting the SSlDs defined by the AP profile

Which changes do you need to make to enable the SSIDs to broadcast?

Options:
A.

In the SSIDs section enable Tunnel

B.

Enable one channel in the Channels section

C.

Enable multiple channels in the Channels section and enable Radio Resource Provision

D.

In the SSIDs section enable Manual and assign the networks manually

Expert Solution
Questions # 18:

Which statement correctly describes the guest portal behavior on FortiAuthenticator?

Options:
A.

FortiAuthenticator uses POST parameters and a RADIUS client configuration to map the request to a guest portal for authentication.

B.

Sponsored accounts cannot authenticate using guest portals.

C.

All self-registered and sponsored accounts are listed on the local Users GUI page on FortiAuthenticator.

D.

All guest accounts must be activated using SMS or email activation codes.

Expert Solution
Viewing page 2 out of 2 pages
Viewing questions 11-20 out of questions