Fortinet Exam NSE7_LED-7.0 Topic 1 Question 3 Discussion

Actual exam question for Fortinet's NSE7_LED-7.0 exam

Question #: 3
Topic #: 1

Refer to the exhibit.

Examine the network diagram and packet capture shown in the exhibit

The packet capture was taken between FortiGate and FortiAuthenticator and shows a RADIUS Access-Request packet sent by FortiSwitch to FortiAuthenticator through FortiGate

Why does the User-Name attribute in the RADIUS Access-Request packet contain the client MAC address?

AThe client is performing AD machine authentication

BFortiSwitch is authenticating the client using MAC authentication bypass

CThe client is performing user authentication

DFortiSwitch is sending a RADIUS accounting message to FortiAuthenticator

Show Suggested Answer

Suggested Answer: B

According to the exhibit, the User-Name attribute in the RADIUS Access-Request packet contains the client MAC address of 00:0c:29:6a:2b:3d. This indicates that FortiSwitch is authenticating the client using MAC authentication bypass (MAB), which is a method of authenticating devices that do not support 802.1X by using their MAC address as the username and password. Therefore, option B is true because it explains why the User-Name attribute contains the client MAC address. Option A is false because AD machine authentication uses a computer account name and password, not a MAC address. Option C is false because user authentication uses a user name and password, not a MAC address. Option D is false because FortiSwitch is sending a RADIUS Access-Request message to FortiAuthenticator, not a RADIUS accounting message.

by Xochitl at Aug 29, 2023, 07:55 AM

Limited Time Offer

25%

Off

Get Premium NSE7_LED-7.0 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!