Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Fortinet Exam FCSS_SASE_AD-23 Topic 3 Question 1 Discussion

Actual exam question for Fortinet's FCSS_SASE_AD-23 exam
Question #: 1
Topic #: 3
[All FCSS_SASE_AD-23 Questions]

An organization needs to resolve internal hostnames using its internal rather than public DNS servers for remotely connected endpoints. Which two components must be configured on FortiSASE to achieve this? (Choose two.)

Show Suggested Answer Hide Answer
Suggested Answer: B, C

To resolve internal hostnames using internal DNS servers for remotely connected endpoints, the following two components must be configured on FortiSASE:

Split DNS Rules:

Split DNS allows the configuration of specific DNS queries to be directed to internal DNS servers instead of public DNS servers.

This ensures that internal hostnames are resolved using the organization's internal DNS infrastructure, maintaining privacy and accuracy for internal network resources.

Split Tunneling Destinations:

Split tunneling allows specific traffic (such as DNS queries for internal domains) to be routed through the VPN tunnel while other traffic is sent directly to the internet.

By configuring split tunneling destinations, you can ensure that DNS queries for internal hostnames are directed through the VPN to the internal DNS servers.


FortiOS 7.2 Administration Guide: Provides details on configuring split DNS and split tunneling for VPN clients.

FortiSASE 23.2 Documentation: Explains the implementation and configuration of split DNS and split tunneling for securely resolving internal hostnames.

Contribute your Thoughts:

Tayna
4 months ago
Haha, Frankie's got a point. FortiSASE probably wants us to choose all four options just to be safe. Can never be too careful when it comes to DNS, am I right?
upvoted 0 times
...
Frankie
4 months ago
Hold up, is this a trick question? I bet the answer is actually a combination of all four components. FortiSASE likes to keep us on our toes!
upvoted 0 times
Terrilyn
4 months ago
B) Split DNS rules
upvoted 0 times
...
Lynelle
4 months ago
A) SSL deep inspection
upvoted 0 times
...
...
Wendell
5 months ago
I believe the correct components are B) Split DNS rules and D) DNS filter, as both are essential for resolving internal hostnames using internal DNS servers.
upvoted 0 times
...
Page
5 months ago
I agree with Freeman. Split DNS rules and DNS filter are the key components here. Can't believe they're trying to trick us with those other options.
upvoted 0 times
Erasmo
3 months ago
Agreed, the other options are just distractions.
upvoted 0 times
...
Paulina
4 months ago
Definitely, those are the key components needed for resolving internal hostnames.
upvoted 0 times
...
Christiane
4 months ago
I think Split DNS rules and DNS filter are the way to go.
upvoted 0 times
...
Rolf
4 months ago
Agreed, they're trying to throw us off with the other options.
upvoted 0 times
...
Myra
4 months ago
Yeah, those are definitely the key components for resolving internal hostnames.
upvoted 0 times
...
Geoffrey
4 months ago
I think Split DNS rules and DNS filter are the way to go.
upvoted 0 times
...
...
Lacresha
5 months ago
I also think the answer is B) Split DNS rules, but we should also consider C) Split tunnelling destinations.
upvoted 0 times
...
Zack
5 months ago
I agree with Malcolm, Split DNS rules would allow resolving internal hostnames using internal DNS servers.
upvoted 0 times
...
Malcolm
5 months ago
I think the answer is B) Split DNS rules.
upvoted 0 times
...
Ivan
5 months ago
Hmm, I was thinking split tunneling destinations too. Wouldn't that be needed to direct the internal hostname traffic to the right DNS servers?
upvoted 0 times
Erick
4 months ago
B) Split DNS rules
upvoted 0 times
...
Ashleigh
5 months ago
A) SSL deep inspection
upvoted 0 times
...
...
Freeman
6 months ago
Split DNS rules and DNS filter, of course! That's the obvious answer to resolve internal hostnames using internal DNS servers.
upvoted 0 times
In
5 months ago
B) Split DNS rules
upvoted 0 times
...
Viva
5 months ago
A) SSL deep inspection
upvoted 0 times
...
...

Save Cancel