NSE6_FNC-8.5試験問題集を提供していますFortinet問題
NSE6_FNC-8.5認定ガイドPDFはリアル試験問題で100%カバー率
質問 18
Which three of the following are components of a security rule? (Choose three.)
- A. Trigger
- B. Action
- C. Methods
- D. User or host profile
- E. Security String
正解: A,B,D
質問 19
What causes a host's state to change to "at risk"?
- A. The host is not in the Registered Hosts group.
- B. The host has failed an endpoint compliance policy or admin scan.
- C. The logged on user is not found in the Active Directory.
- D. The host has been administratively disabled.
正解: B
解説:
Failure - Indicates that the host has failed the scan. This option can also be set manually. When the status is set to Failure the host is marked "At Risk" for the selected scan.
Reference: https://docs.fortinet.com/document/fortinac/8.3.0/administration-guide/241168/host-health-and- scanning
質問 20
Where do you look to determine when and why the FortiNAC made an automated network access change?
- A. The Port Changes view
- B. The Connections view
- C. The Admin Auditing view
- D. The Event view
正解: A
質問 21
Refer to the exhibit.
If you are forcing the registration of unknown (rogue) hosts, and an unknown (rogue) host connects to a port on the switch, what will occur?
- A. No VLAN change is performed
- B. The host is moved to VLAN 111.
- C. The host is moved to a default isolation VLAN.
- D. The host is disabled.
正解: D
解説:
The ability to limit the number of workstations that can connect to specific ports on the switch is managed with Port Security. If these limits are breached, or access from unknown workstations is attempted, the port can do any or all of the following: drop the untrusted data, notify the network administrator, or disable the port.
質問 22
Which three circumstances trigger Layer 2 polling of infrastructure devices? (Choose three.)
- A. A matched security policy
- B. Linkup and Linkdown traps
- C. Scheduled poll timings
- D. Manual polling
- E. A failed Layer 3 poll
正解: B,C,D
質問 23
What would happen if a port was placed in both the Forced Registration and the Forced Remediation port groups?
- A. Both types of enforcement would be applied.
- B. Only rogue hosts would be impacted.
- C. Both enforcement groups cannot contain the same port.
- D. Only al-risk hosts would be impacted.
正解: C
質問 24
When you create a user or host profile, which three criteria can you use? (Choose three.)
- A. Location
- B. An applied access policy
- C. Host or user attributes
- D. Host or user group memberships
- E. Administrative group membership
正解: A,B,C
質問 25
How are logical networks assigned to endpoints?
- A. Through device profiling rules
- B. Through FortiGate IPv4 policies
- C. Through Layer 3 polling configurations
- D. Through network access policies
正解: B
質問 26
Refer to the exhibit.
If you are forcing the registration of unknown (rogue) hosts, and an unknown (rogue) host connects to a port on the switch, what will occur?
- A. The host is moved to VLAN 111.
- B. No VLAN change is performed
- C. The host is moved to a default isolation VLAN.
- D. The host is disabled.
正解: B
質問 27
Where are logical network values defined?
- A. In the security and access field of each host record
- B. In the port properties view of each port
- C. In the model configuration view of each infrastructure device
- D. On the profiled devices view
正解: A
質問 28
Which three of the following are components of a security rule? (Choose three.)
- A. Trigger
- B. Action
- C. Methods
- D. User or host profile
- E. Security String
正解: B,C,D
解説:
Explanation/Reference: https://patents.google.com/patent/US20150200969A1/en
質問 29
Refer to the exhibit, and then answer the question below.
Which host is rogue?
- A. 0
- B. 1
- C. 2
- D. 3
正解: A
質問 30
Which two methods can be used to gather a list of installed applications and application details from a host? (Choose two)
- A. MDM integration
- B. Agent technology
- C. Portal page on-boarding options
- D. Application layer traffic inspection
正解: A,C
解説:
Reference:
https://docs.oracle.com/en/middleware/idm/identity-governance/12.2.1.3/omusg/managing-application-onboarding.html#GUID-4D0D5B18-A6F5-4231-852E-DB0D95AAE2D1
質問 31
Which three communication methods are used by the FortiNAC to gather information from, and control, infrastructure devices? (Choose three)
- A. FTP
- B. OSNMP
- C. DCLI
- D. RADIUS
- E. SMTP
正解: A,C,E
質問 32
By default, if more than 20 hosts are seen connected on a single port simultaneously, what will happen to the port?
- A. The port becomes a threshold uplink.
- B. The port is added to the Forced Registration group.
- C. The port is disabled.
- D. The port is switched into the Dead-End VLAN.
正解: C
解説:
Explanation/Reference:
質問 33
What would occur if both an unknown (rogue) device and a known (trusted) device simultaneously appeared on a port that is a member of the Forced Registration port group?
- A. The port would not be managed, and an event would be generated.
- B. The port would be provisioned to the registration network, and both hosts would be isolated.
- C. The port would be administratively shut down.
- D. The port would be provisioned for the normal state host, and both hosts would have access to that VLAN.
正解: B
質問 34
By default, if more than 20 hosts are seen connected on a single port simultaneously, what will happen to the port?
- A. The port becomes a threshold uplink.
- B. The port is added to the Forced Registration group.
- C. The port is disabled.
- D. The port is switched into the Dead-End VLAN.
正解: C
質問 35
What capability do logical networks provide?
- A. Autopopulation of device groups based on point of connection
- B. VLAN-based inventory reporting
- C. Application of different access values from a single access policy
- D. Interactive topology view diagrams
正解: C
質問 36
What causes a host's state to change to "at risk"?
- A. The host is not in the Registered Hosts group.
- B. The host has failed an endpoint compliance policy or admin scan.
- C. The logged on user is not found in the Active Directory.
- D. The host has been administratively disabled.
正解: B
解説:
Failure - Indicates that the host has failed the scan. This option can also be set manually. When the status is set to Failure the host is marked "At Risk" for the selected scan.
質問 37
How should you configure MAC notification traps on a supported switch?
- A. Configure them only after you configure linkup and linkdown traps
- B. Configure them only on ports set as 802 1q trunks
- C. Configure them on all ports except uplink ports
- D. Configure them on all ports on the switch
正解: A
質問 38
Where do you look to determine what network access policy, if any, is being applied to a particular host?
- A. The Port Properties view of the hosts port
- B. The network access policy configuration
- C. The Policy Logs view
- D. The Policy Details view for the host
正解: B
質問 39
Which two methods can be used to gather a list of installed applications and application details from a host? (Choose two.)
- A. MDM integration
- B. Agent technology
- C. Portal page on-boarding options
- D. Application layer traffic inspection
正解: A,C
解説:
Explanation/Reference: https://developer.apple.com/business/documentation/MDM-Protocol-Reference.pdf
https://docs.oracle.com/en/middleware/idm/identity-governance/12.2.1.3/omusg/managing-application- onboarding.html#GUID-4D0D5B18-A6F5-4231-852E-DB0D95AAE2D1
質問 40
......
合格させるNSE6_FNC-8.5試験にはリアル問題解答:https://www.jpntest.com/shiken/NSE6_FNC-8.5-mondaishu