Fortinet nse6-fac-6-1 practice test

Fortinet NSE 6 - FortiAuthenticator 6.1 Exam

Question 1

Which two statement about the RADIUS service on FortiAuthenticator are true? (Choose two)

  • A. Two-factor authentication cannot be enforced when using RADIUS authentication
  • B. RADIUS users can migrated to LDAP users
  • C. Only local users can be authenticated through RADIUS
  • D. FortiAuthenticator answers only to RADIUS client that are registered with FortiAuthenticator

B, D


Question 2

At a minimum, which two configurations are required to enable guest portal services on
FortiAuthenticator? (Choose two)

  • A. Configuring a portal policy
  • B. Configuring at least on post-login service
  • C. Configuring a RADIUS client
  • D. Configuring an external authentication portal

A, B


Question 3

You want to monitor FortiAuthenticator system information and receive FortiAuthenticator traps
through SNMP.
Which two configurations must be performed after enabling SNMP access on the FortiAuthenticator
interface? (Choose two)

  • A. Enable logging services
  • B. Set the tresholds to trigger SNMP traps
  • C. Upload management information base (MIB) files to SNMP server
  • D. Associate an ASN, 1 mapping rule to the receiving host

B, C


Question 4

Which method is the most secure way of delivering FortiToken data once the token has been seeded?

  • A. Online activation of the tokens through the FortiGuard network
  • B. Shipment of the seed files on a CD using a tamper-evident envelope
  • C. Using the in-house token provisioning tool
  • D. Automatic token generation using FortiAuthenticator



Question 5

Which two protocols are the default management access protocols for administrative access for
FortiAuthenticator? (Choose two)

  • A. Telnet
  • B. HTTPS
  • C. SSH
  • D. SNMP

B, C


Question 6

What are three key features of FortiAuthenticator? (Choose three)

  • A. Identity management device
  • B. Log server
  • C. Certificate authority
  • D. Portal services
  • E. RSSO Server

A, C, D


Question 7

Which network configuration is required when deploying FortiAuthenticator for portal services?

  • A. FortiAuthenticator must have the REST API access enable on port1
  • B. One of the DNS servers must be a FortiGuard DNS server
  • C. Fortigate must be setup as default gateway for FortiAuthenticator
  • D. Policies must have specific ports open between FortiAuthenticator and the authentication clients



Question 8

You are a Wi-Fi provider and host multiple domains. How do you delegate user accounts, user groups
and permissions per domain when they are authenticating on a single FortiAuthenticator device?

  • A. Automatically import hosts from each domain as they authenticate
  • B. Create multiple directory trees on FortiAuthenticator
  • C. Create realms
  • D. Create user groups



Question 9

Which of the following is an QATH-based standart to generate event-based, one-time password

  • A. OLTP
  • B. SOTP
  • C. HOTP
  • D. TOTP



Question 10

Which two statements about the self-service portal are true? (Choose two)

  • A. Self-registration information can be sent to the user through email or SMS
  • B. Realms can be used to configure which seld-registered users or groups can authenticate on the network
  • C. Administrator approval is required for all self-registration
  • D. Authenticating users must specify domain name along with username

A, B

To page 2