Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Fortinet Exam NSE7_LED-7.0 Topic 1 Question 33 Discussion

Actual exam question for Fortinet's NSE7_LED-7.0 exam
Question #: 33
Topic #: 1
[All NSE7_LED-7.0 Questions]

Refer to the exhibit.

Examine the FortiGate configuration FortiAnalyzer logs and FortiGate widget shown in the exhibit

An administrator is testing the Security Fabric quarantine automation The administrator added FortiAnalyzer to the Security Fabric and configured an automation stitch to automatically quarantine compromised devices The test device (::.:.:.!) s connected to a managed Fort Switch dev :e

After trying to access a malicious website from the test device, the administrator verifies that FortiAnalyzer has a log (or the test connection However the device is not getting quarantined by FortiGate as shown in the quarantine widget

Which two scenarios are likely to cause this issue? (Choose two)

Show Suggested Answer Hide Answer
Suggested Answer: A, B

According to the exhibit, the wireless guest users are getting a certificate error while loading the captive portal login page. This means that the browser cannot verify the identity of the server that is hosting the login page. Therefore, option A is true because the external server FQDN is incorrect, which means that it does not match the common name or subject alternative name of the server certificate. Option B is also true because the wireless user's browser is missing a CA certificate, which means that it does not have the root or intermediate certificate that issued the server certificate. Option C is false because the FortiGate authentication interface address is using HTTPS, which is a secure protocol that encrypts the communication between the browser and the server. Option D is false because the user address is not in DDNS form, which is not related to the certificate error.


Contribute your Thoughts:

Claribel
3 days ago
But what if FortiAnalyzer does not consider the malicious website as an indicator of compromise? That could also be a possible scenario causing the issue.
upvoted 0 times
...
Laurena
6 days ago
I agree with Francine. If the web filtering service is not working, then the device won't get quarantined.
upvoted 0 times
...
Francine
7 days ago
I think the issue might be with the web filtering rating service.
upvoted 0 times
...

Save Cancel