NEW QUESTION 1
Which security fabric component sends a notification to quarantine an endpoint after IOC detection in the automation process?

• A. FortiAnalyzer
• B. FortiClient
• C. ForbClient EMS
• D. Forti Gate

Answer: D

NEW QUESTION 2
Refer to the exhibit.

Based on the FortiClient logs shown in the exhibit which endpoint profile policy is currently applied to the FortiClient endpoint from the EMS server?

• A. Default
• B. Compliance rules default
• C. Fortinet- Training
• D. Default configuration policy

Answer: C

NEW QUESTION 3
Refer to the exhibit.

Based on the settings shown in the exhibit, which two actions must the administrator take to make the endpoint compliant? (Choose two.)

• A. Enable the webfilter profile
• B. Integrate FortiSandbox for infected file analysis
• C. Patch applications that have vulnerability rated as high or above
• D. Run Calculator application on the endpoint

Answer: CD

NEW QUESTION 4
Refer to the exhibits.


Based on the FortiGate Security Fabric settings shown in the exhibits, what must an administrator do on the EMS server to successfully quarantine an endpoint. when it is detected as a compromised host (loC)?

• A. The administrator must enable remote HTTPS access to EMS.
• B. The administrator must enable FQDN on EMS.
• C. The administrator must authorize FortiGate on FortiAnalyzer.
• D. The administrator must enable SSH access to EMS.

Answer: A

NEW QUESTION 5
Which two statements are true about ZTNA? (Choose two.)

• A. ZTNA provides role-based access
• B. ZTNA manages access for remote users only
• C. ZTNA manages access through the client only
• D. ZTNA provides a security posture check

Answer: AD

NEW QUESTION 6
An administrator installs FortiClient EMS in the enterprise.
Which component is responsible for enforcing protection and checking security posture?

• A. FortiClient vulnerability scan
• B. FortiClient EMS tags
• C. FortiClient EMS
• D. FortiClient

Answer: D

NEW QUESTION 7
An administrator is required to maintain a software inventory on the endpoints. without showing the feature on the FortiClient dashboard What must the administrator do to achieve this requirement?

• A. The administrator must use default endpoint profile
• B. The administrator must not select the vulnerability scan feature in the deployment package.
• C. The administrator must select the vulnerability scan feature in the deployment package, but disable the feature on the endpoint profile
• D. The administrator must click the hide icon on the vulnerability scan tab

Answer: D

NEW QUESTION 8
An administrator wants to simplify remote access without asking users to provide user credentials. Which access control method provides this solution"?

• A. SSL VPN
• B. ZTNA full mode
• C. L2TP
• D. ZTNA IP/MAC filtering mode

Answer: B

NEW QUESTION 9
Refer to the exhibit, which shows the Zero Trust Tagging Rule Set configuration.

Which two statements about the rule set are true? (Choose two.)

• A. The endpoint must satisfy that only Windows 10 is running.
• B. The endpoint must satisfy that only AV software is installed and running.
• C. The endpoint must satisfy that antivirus is installed and running and Windows 10 is running.
• D. The endpoint must satisfy that only Windows Server 2012 R2 is running.

Answer: BC

NEW QUESTION 10
An administrator deploys a FortiClient installation through the Microsoft AD group policy After installation is complete all the custom configuration is missing.
What could have caused this problem?

• A. The FortiClient exe file is included in the distribution package
• B. The FortiClient MST file is missing from the distribution package
• C. FortiClient does not have permission to access the distribution package.
• D. The FortiClient package is not assigned to the group

Answer: D

NEW QUESTION 11
An administrator configures ZTNA configuration on the FortiGate for remote users. Which statement is true about the firewall policy?

• A. It enforces access control
• B. It redirects the client request to the access proxy
• C. It defines the access proxy
• D. It applies security profiles to protect traffic

Answer: B

Explanation:
"The firewall policy matches and redirects client requests to the access proxy VIP" https://docs.fortinet.com/document/fortigate/7.0.0/new-features/194961/basic-ztna-configuration

NEW QUESTION 12
In a FortiSandbox integration, what does the remediation option do?

• A. Wait for FortiSandbox results before allowing files
• B. Exclude specified files
• C. Alert and notify only
• D. Deny access to a file when it sees no results

Answer: C

NEW QUESTION 13
Which component or device shares device status information through ZTNA telemetry?

• A. FortiClient
• B. FortiGate
• C. FortiGate Access Proxy
• D. FortiClient EMS

Answer: A

Explanation:
FortiClient communicates directly with FortiClient EMS to continuously share device status information through ZTNA telemetry.

NEW QUESTION 14
When site categories are disabled in FortiClient webfilter and antivirus (malicious websites), which feature can be used to protect the endpoint from malicious web access?

• A. Real-time protection list
• B. Block malicious websites on antivirus
• C. FortiSandbox URL list

Answer: A

NEW QUESTION 15
Refer to the exhibits.


Which show the Zero Trust Tag Monitor and the FortiClient GUI status.
Remote-Client is tagged as Remote-Users on the FortiClient EMS Zero Trust Tag Monitor. What must an administrator do to show the tag on the FortiClient GUI?

• A. Update tagging rule logic to enable tag visibility
• B. Change the FortiClient system settings to enable tag visibility
• C. Change the endpoint control setting to enable tag visibility
• D. Change the user identity settings to enable tag visibility

Answer: B

NEW QUESTION 16
......