Fortinet Exam NSE7_LED-7.0 Topic 3 Question 34 Discussion

Actual exam question for Fortinet's NSE7_LED-7.0 exam

Question #: 34
Topic #: 3

Refer to the exhibit.

Examine the network diagram and packet capture shown in the exhibit

The packet capture was taken between FortiGate and FortiAuthenticator and shows a RADIUS Access-Request packet sent by FortiSwitch to FortiAuthenticator through FortiGate

Why does the User-Name attribute in the RADIUS Access-Request packet contain the client MAC address?

AThe client is performing AD machine authentication

BFortiSwitch is authenticating the client using MAC authentication bypass

CThe client is performing user authentication

DFortiSwitch is sending a RADIUS accounting message to FortiAuthenticator

Show Suggested Answer

Suggested Answer: C, D

According to the FortiManager Administration Guide, ''Central management mode allows you to manage all FortiSwitch devices from a single interface on the FortiManager device.'' Therefore, option C is true because the exhibit shows that the FortiSwitch manager is enabled and the FortiSwitch device is managed by the FortiManager device. Option D is also true because the exhibit shows that the FortiSwitch device status is offline, which means that it is not reachable by the FortiManager device, but it is authorized, which means that it has been added to the FortiManager device. Option A is false because per-device management mode allows you to manage each FortiSwitch device individually from its own web-based manager or CLI, which is not the case in the exhibit. Option B is false because the FortiSwitch device is authorized, as explained above.

by Hannah at Dec 06, 2024, 06:05 PM

Limited Time Offer

25%

11 days ago

I think the answer is B) FortiSwitch is authenticating the client using MAC authentication bypass.

upvoted 0 times

...