Special Summer Sale - Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70dumps

FCSS_SASE_AD-24 Questions and Answers

Question # 6

Which secure internet access (SIA) use case minimizes individual endpoint configuration?

A.

Site-based remote user internet access

B.

Agentless remote user internet access

C.

SIA for SSL VPN remote users

D.

SIA using ZTNA

Full Access
Question # 7

When viewing the daily summary report generated by FortiSASE, the administrator notices that the report contains very little data.

What is a possible explanation for this almost empty report?

A.

Log allowed traffic is set to Security Events for all policies.

B.

There are no security profile groups applied to all policies.

C.

The web filter security profile is not set to Monitor.

D.

Digital experience monitoring is not configured.

Full Access
Question # 8

Which two deployment methods are used to connect a FortiExtender as a FortiSASE LAN extension? (Choose two.)

A.

Connect FortiExtender to FortiSASE using FortiZTP

B.

Enable Control and Provisioning Wireless Access Points (CAPWAP) access on the FortiSASE portal.

C.

Enter the FortiSASE domain name in the FortiExtender GUI as a static discovery server

D.

Configure an IPsec tunnel on FortiSASE to connect to FortiExtender.

Full Access
Question # 9

Refer to the exhibits.

When remote users connected to FortiSASE require access to internal resources on Branch-2. how will traffic be routed?

A.

FortiSASE will use the SD-WAN capability and determine that traffic will be directed to HUB-2. which will then route traffic to Branch-2.

B.

FortiSASE will use the AD VPN protocol and determine that traffic will be directed to Branch-2 directly, using a static route

C.

FortiSASE will use the SD-WAN capability and determine that traffic will be directed to HUB-1, which will then route traffic to Branch-2.

D.

FortiSASE will use the AD VPN protocol and determine that traffic will be directed to Branch-2 directly, using a dynamic route

Full Access
Question # 10

Your organization is currently using FortiSASE for its cybersecurity. They have recently hired a contractor who will work from the HQ office and who needs temporary internet access in order to set up a web-based point of sale (POS) system.

What is the recommended way to provide internet access to the contractor?

A.

Use FortiClient on the endpoint to manage internet access.

B.

Use a proxy auto-configuration (PAC) file and provide secure web gateway (SWG) service as an explicit web proxy.

C.

Use zero trust network access (ZTNA) and tag the client as an unmanaged endpoint.

D.

Configure a VPN policy on FortiSASE to provide access to the internet.

Full Access
Question # 11

An organization must block user attempts to log in to non-company resources while using Microsoft Office 365 to prevent users from accessing unapproved cloud resources.

Which FortiSASE feature can you implement to achieve this requirement?

A.

Web Filter with Inline-CASB

B.

SSL deep inspection

C.

Data loss prevention (DLP)

D.

Application Control with Inline-CASB

Full Access
Question # 12

Refer to the exhibits.

A FortiSASE administrator is trying to configure FortiSASE as a spoke to a FortiGate hub. The tunnel is up to the FortiGale hub. However, the administrator is not able to ping the webserver hosted behind the FortiGate hub.

Based on the output, what is the reason for the ping failures?

A.

The Secure Private Access (SPA) policy needs to allow PING service.

B.

Quick mode selectors are restricting the subnet.

C.

The BGP route is not received.

D.

Network address translation (NAT) is not enabled on the spoke-to-hub policy.

Full Access