Fortinet NSE6_FNC-7.2 Dumps

The exhibit shows a configuration panel where VLAN IDs are specified for different states, such as Default, Registration, and Authentication. When forcing the registration of unknown (rogue) hosts, if an unknown host connects to a port on the switch, the FortiNAC system will move the host to the VLAN designated for Registration. In the exhibit, the VLAN ID for Registration is set to 111, hence the host would be moved to VLAN 111 to undergo the registration process.

Device profiling rules in FortiNAC are used to evaluate and classify rogue devices. These rules can be configured to automatically, manually, or through sponsorship evaluate and classify unknown untrusted devices as they are identified and created​​.

References

FortiNAC 7.2 Study Guide, page 98

In an isolation VLAN, FortiNAC supplies DHCP and DNS services. The guide specifies that FortiNAC has a DHCP scope defined for a particular VLAN and should be the only DHCP server available to hosts on that VLAN. Additionally, hosts on the VLAN would get a DNS server configuration of the FortiNAC IP for that VLAN

In a wireless integration, FortiNAC uses RADIUS to obtain connecting MAC address information. This includes RADIUS requests to FortiNAC and subsequent RADIUS responses from FortiNAC to the requesting device​

Forced Quarantine, study guide 7.2 pag 245 and 248

It’s important to audit Group Policy changes in order to determine the details of changes made to Group Policies by delegated users.

In general, for network switches supporting MAC notification traps, it's advisable to configure these traps on all ports except uplink ports. Uplink ports are used for connecting to other switches or network infrastructure devices and typically don't need MAC notification traps, which are more relevant for end-device connectivity monitoring.

The study guide specifies that MAC notification traps should not be configured on interfaces that are uplinks. They are the preferred method for learning and updating Layer 2 information and should be used whenever available, but not on uplink interfaces​​.

Both dissolvable and persistent agents can be used to validate endpoint compliance transparently to the end user. The persistent agent stays resident on the endpoint and performs scheduled scans in the background. The dissolvable agent is a run-once agent that dissolves after reporting its results, leaving no footprint on the endpoint

The exhibit's command and output detail various attributes for a specific host, including the MAC address, connection status, and various other parameters. The status "Connected" and state "Initial" indicate that the host has been detected on the network but has not yet completed any authentication process. The lines "Client Not Authenticated = true" and "Client needs to authenticate = false" suggest that the host has not yet been authenticated. Therefore, the current state of the host is "Not authenticated," since there is a clear indication that the authentication process has not been completed for this host.

Looking at the provided exhibit which shows the Modify User/Host Profile window, the following must be true for a host to match the user/host profile:

The host must be connected to a port within the "Building 1 First Floor Ports" group.

The host must fulfill at least one of the following attributes:

Have a role value of "Contractor"

Have an installed persistent agent with the security and access value of "Contractor"

The host must be connected between the specified times of 6 AM and 5 PM on any day of the week.

The profile specifies that the host can match the profile by having any one of the listed attributes (Role as Contractor, Persistent Agent installed with specific security & access value), and the time condition must also be met. Therefore, the correct answer is D, which includes "or" conditions for the role value and persistent agent and specifies the correct time frame.