Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Fortinet Exam FCSS_SASE_AD-23 Topic 2 Question 7 Discussion

Actual exam question for Fortinet's FCSS_SASE_AD-23 exam
Question #: 7
Topic #: 2
[All FCSS_SASE_AD-23 Questions]

An organization needs to resolve internal hostnames using its internal rather than public DNS servers for remotely connected endpoints. Which two components must be configured on FortiSASE to achieve this? (Choose two.)

Show Suggested Answer Hide Answer
Suggested Answer: B, C

To resolve internal hostnames using internal DNS servers for remotely connected endpoints, the following two components must be configured on FortiSASE:

Split DNS Rules:

Split DNS allows the configuration of specific DNS queries to be directed to internal DNS servers instead of public DNS servers.

This ensures that internal hostnames are resolved using the organization's internal DNS infrastructure, maintaining privacy and accuracy for internal network resources.

Split Tunneling Destinations:

Split tunneling allows specific traffic (such as DNS queries for internal domains) to be routed through the VPN tunnel while other traffic is sent directly to the internet.

By configuring split tunneling destinations, you can ensure that DNS queries for internal hostnames are directed through the VPN to the internal DNS servers.


FortiOS 7.2 Administration Guide: Provides details on configuring split DNS and split tunneling for VPN clients.

FortiSASE 23.2 Documentation: Explains the implementation and configuration of split DNS and split tunneling for securely resolving internal hostnames.

by Tyisha at Jul 07, 2024, 08:21 PM

Limited Time Offer

25%

Off

Get Premium FCSS_SASE_AD-23 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Gregoria
15 days ago
I'm surprised they didn't include 'unicorn tears' as an answer. But B and D are the real deal here.
upvoted 0 times
...
Mary
18 days ago
Haha, the options are like a game of 'which one of these things is not like the other?' B and D are the way to go, folks.
upvoted 0 times
...
Fernanda
21 days ago
SSL deep inspection? Really? That's for inspecting HTTPS traffic, not for resolving internal hostnames. Gotta go with B and D.
upvoted 0 times
Royce
12 days ago
B) Split DNS rules
upvoted 0 times
...
...
Cheryl
1 months ago
Hold up, split tunneling destinations? What is this, a trick question? Clearly, it's B and D all the way.
upvoted 0 times
...
Christene
1 months ago
I also think the answer is B) Split DNS rules. It makes sense to configure this on FortiSASE for internal hostname resolution.
upvoted 0 times
...
Carmela
1 months ago
Split DNS rules and DNS filter, that's a no-brainer. Can't believe they're even asking this on the exam!
upvoted 0 times
Dana
19 days ago
Yeah, it's pretty straightforward. Just make sure those are configured correctly on FortiSASE.
upvoted 0 times
...
Denny
1 months ago
Split DNS rules and DNS filter are essential for resolving internal hostnames using internal DNS servers.
upvoted 0 times
...
...
Hassie
1 months ago
I agree with Antonette. Split DNS rules would allow the organization to resolve internal hostnames using internal DNS servers.
upvoted 0 times
...
Antonette
2 months ago
I think the answer is B) Split DNS rules.
upvoted 0 times
...

Save Cancel