Fortinet FCP_FAC_AD-6.5 Exam Prep Guide: Prep guide for the FCP_FAC_AD-6.5 Exam
2024 New Preparation Guide of Fortinet FCP_FAC_AD-6.5 Exam
NEW QUESTION # 11
You are a Wi-Fi provider and host multiple domains.
How do you delegate user accounts, user groups and permissions per domain when they are authenticating on a single FortiAuthenticator device?
- A. Create multiple directory trees on FortiAuthenticator.
- B. Create user groups.
- C. Create realms.
- D. Automatically import hosts from each domain as they authenticate.
Answer: C
NEW QUESTION # 12
Examine the screenshot shown in the exhibit.
Which two statements regarding the configuration are true? (Choose two.)
- A. Guest users must fill in all the fields on the registration form.
- B. All guest accounts created using the account registration feature will be placed under the Guest_Portal_Users group.
- C. Guest user account will expire after eight hours.
- D. All accounts registered through the guest portal must be validated through email.
Answer: B,D
NEW QUESTION # 13
Which two capabilities does FortiAuthenticator offer when acting as a self-signed or local CA?
(Choose two)
- A. Importing other CA certificates and CRLs
- B. Merging local and remote CRLs using SCEP
- C. Validating other CA CRLs using OSCP
- D. Creating, signing, and revoking of X.509 certificates
Answer: A,D
NEW QUESTION # 14
Which statement about the guest portal policies is true?
- A. Guest portal policies can be used only for BYODs
- B. Conditions in the policy apply only to guest wireless users
- C. Guest portal policies apply only to authentication requests coming from unknown RADIUS clients
- D. All conditions in the policy must match before a user is presented with the guest portal
Answer: D
NEW QUESTION # 15
Which of the following is a benefit of using role-based access control (RBAC) in FortiAuthenticator?
- A. It provides granular control over user access based on their roles
- B. It automatically generates strong passwords for users
- C. It assigns the same permissions to all users
- D. It eliminates the need for authentication
Answer: A
NEW QUESTION # 16
Which two statements about the self-service portal are true? (Choose two)
- A. Self-registration information can be sent to the user through email or SMS
- B. Authenticating users must specify domain name along with username
- C. Realms can be used to configure which seld-registered users or groups can authenticate on the network
- D. Administrator approval is required for all self-registration
Answer: A,C
NEW QUESTION # 17
What does SAML stand for in the context of SAML SSO service?
- A. Secure Access Markup Language
- B. Security Assertion Markup Language
- C. System Authorization and Management Layer
- D. Single Authentication Management Logic
Answer: B
NEW QUESTION # 18
You are an administrator for a large enterprise and you want to delegate the creation and management of guest users to a group of sponsors.
How would you associate the guest accounts with individual sponsors?
- A. You can automatically add guest accounts to groups associated with specific sponsors.
- B. Guest accounts are associated with the sponsor that creates the guest account.
- C. Select the sponsor on the guest portal, during registration.
- D. As an administrator, you can assign guest groups to individual sponsors.
Answer: B
NEW QUESTION # 19
Which of the following advanced system settings can be configured in FortiAuthenticator?
- A. Account lockout policies
- B. Screen brightness control
- C. Network firewall rules
- D. Keyboard layout customization
Answer: A
NEW QUESTION # 20
You are a FortiAuthenticator administrator for a large organization. Users who are configured to use FortiToken 200 for two-factor authentication can no longer authenticate.
You have verified that only the users with two-factor authentication are experiencing the issue.
What can cause this issue?
- A. Time drift between FortiAuthenticator and hardware tokens.
- B. FortiAuthenticator has lost contact with the FortiToken Cloud servers.
- C. One of the FortiAuthenticator devices in the active-active cluster has failed.
- D. FortiToken 200 license has expired.
Answer: A
NEW QUESTION # 21
FortiAuthenticator has several roles that involve digital certificates.
Which role allows FortiAuthenticator to receive the signed certificate signing requests (CSRs) and send certificate revocation lists (CRLs)?
- A. SCEP server
- B. EAP server
- C. Remote LDAP server
- D. OCSP server
Answer: A
NEW QUESTION # 22
You are the administrator of a large network that includes a large local user datadabase on the current Fortiauthenticatior. You want to import all the local users into a new Fortiauthenticator device.
Which method should you use to migrate the local users?
- A. Import the current directory structure.
- B. Import users using a CSV file.
- C. Import users using RADIUS accounting updates.
- D. Import users from RADUIS.
Answer: B
NEW QUESTION # 23
What is two-factor authentication (2FA)?
- A. Authenticating users using only their email addresses
- B. Using two different VPN connections for secure access
- C. Using two different network protocols for authentication
- D. Requiring users to provide two different forms of authentication before granting access
Answer: D
NEW QUESTION # 24
What is the purpose of using local authentication events for Fortinet Single Sign-On (FSSO)?
- A. To track user logon events within FortiAuthenticator
- B. To sync user accounts with third-party services
- C. To eliminate the need for authentication altogether
- D. To provide access only to local resources
Answer: A
NEW QUESTION # 25
Which three factors can determine which RADIUS policy is matched during a RADIUS authentication? (Choose three.)
- A. RADIUS response
- B. Policy ranking
- C. RADIUS client
- D. RADIUS attribute
- E. Selected realm
Answer: B,C,D
NEW QUESTION # 26
......
Latest Questions FCP_FAC_AD-6.5 Guide to Prepare Free Practice Tests: https://www.examdiscuss.com/Fortinet/exam/FCP_FAC_AD-6.5/
FCP_FAC_AD-6.5 Practice Exam - 77 Unique Questions: https://drive.google.com/open?id=1XVim0AUrdvhxgBTaGhTbFEskyPKKsQhu