Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Fortinet Exam FCSS_SASE_AD-23 Topic 2 Question 21 Discussion

Actual exam question for Fortinet's FCSS_SASE_AD-23 exam
Question #: 21
Topic #: 2
[All FCSS_SASE_AD-23 Questions]

You are designing a new network for Company X and one of the new cybersecurity policy requirements is that all remote user endpoints must always be connected and protected Which FortiSASE component facilitates this always-on security measure?

Show Suggested Answer Hide Answer
Suggested Answer: B, C

To resolve internal hostnames using internal DNS servers for remotely connected endpoints, the following two components must be configured on FortiSASE:

Split DNS Rules:

Split DNS allows the configuration of specific DNS queries to be directed to internal DNS servers instead of public DNS servers.

This ensures that internal hostnames are resolved using the organization's internal DNS infrastructure, maintaining privacy and accuracy for internal network resources.

Split Tunneling Destinations:

Split tunneling allows specific traffic (such as DNS queries for internal domains) to be routed through the VPN tunnel while other traffic is sent directly to the internet.

By configuring split tunneling destinations, you can ensure that DNS queries for internal hostnames are directed through the VPN to the internal DNS servers.


FortiOS 7.2 Administration Guide: Provides details on configuring split DNS and split tunneling for VPN clients.

FortiSASE 23.2 Documentation: Explains the implementation and configuration of split DNS and split tunneling for securely resolving internal hostnames.

Contribute your Thoughts:

Lamonica
22 days ago
Hmm, I'm not sure about the SSL deep inspection part, but the split DNS rules and DNS filter make sense to me. Gotta love those internal DNS servers, am I right?
upvoted 0 times
Valda
3 days ago
B) thin-branch SASE extension
upvoted 0 times
...
Elouise
7 days ago
A) site-based deployment
upvoted 0 times
...
...
Margart
23 days ago
Split DNS rules and DNS filter, duh! What else would you need to resolve internal hostnames? I thought this was a no-brainer.
upvoted 0 times
Anastacia
17 days ago
A) SSL deep inspection
upvoted 0 times
...
...

Save Cancel