Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Fortinet Exam FCSS_SASE_AD-23 Topic 4 Question 20 Discussion

Actual exam question for Fortinet's FCSS_SASE_AD-23 exam
Question #: 20
Topic #: 4
[All FCSS_SASE_AD-23 Questions]

A FortiSASE administrator is configuring a Secure Private Access (SPA) solution to share endpoint information with a corporate FortiGate.

Which three configuration actions will achieve this solution? (Choose three.)

Show Suggested Answer Hide Answer
Suggested Answer: D

To block all video and audio application traffic while granting access to videos from CNN, you need to configure an application override action in the Application Control with Inline-CASB. Here is the step-by-step detailed explanation:

Application Control Configuration:

Application Control is used to identify and manage application traffic based on predefined or custom application signatures.

Inline-CASB (Cloud Access Security Broker) extends these capabilities by allowing more granular control over cloud applications.

Blocking Video and Audio Applications:

To block all video and audio application traffic, you can create a policy within Application Control to deny all categories related to video and audio streaming.

Granting Access to Specific Videos (CNN):

To allow access to videos from CNN specifically, you must create an override rule within the same Application Control profile.

The override action 'Exempt' ensures that traffic to specified URLs (such as those from CNN) is not subjected to the blocking rules set for other video and audio traffic.

Configuration Steps:

Navigate to the Application Control profile in the FortiSASE interface.

Set the application categories related to video and audio streaming to 'Block.'

Add a new override entry for CNN video traffic and set the action to 'Exempt.'


FortiOS 7.2 Administration Guide: Detailed steps on configuring Application Control and Inline-CASB.

Fortinet Training Institute: Provides scenarios and examples of using Application Control with Inline-CASB for specific use cases.

Contribute your Thoughts:

Twana
18 days ago
A) Allow? Nah, man, that's way too lenient. We need to be strict with those video apps, you know what I mean?
upvoted 0 times
...
Dorian
20 days ago
D) Exempt, obviously. You can't block CNN videos, that's like a cardinal sin in today's world!
upvoted 0 times
Norah
11 days ago
A) Add the FortiGate IP address in the secure private access configuration on FortiSASE.
upvoted 0 times
...
...
Clorinda
27 days ago
I agree with Val, D) Exempt seems like the most logical choice in this scenario.
upvoted 0 times
...
Val
28 days ago
But if we want to block all video and audio applications except for CNN, wouldn't it make more sense to exempt CNN from the block?
upvoted 0 times
...
Tamie
1 months ago
I disagree, I believe the answer is A) Allow.
upvoted 0 times
...
Val
1 months ago
I think the answer is D) Exempt.
upvoted 0 times
...

Save Cancel