View all questions & answers for the NSE 5 - FortiSASE and SD-WAN 7.6 Core Administrator Exam Materials exam
Question 47 Discussion
Comments
Selected Answers: B
Selected Answers: B
*notify administrators when a recommended FortiClient version is available,
*schedule a rollout of that version by endpoint profile groups, and
*provide visibility into upgrade status, including the ability to reset/retry if an upgrade fails.
This aligns exactly with: “Enable the Endpoint Upgrade feature on the FortiSASE portal.” (B)
Fortinet may still recommend using MDM/GPO for large-scale deployments (like ~400 users), mainly for initial installation/onboarding. However, for ongoing FortiClient upgrade management, FortiSASE provides a native upgrade mechanism through the portal.
-Why the other options are not correct
-A (manual upgrades): Not required as a rule—FortiSASE can orchestrate FortiClient upgrades.
-C (auto-upgrade on demand): The approach described by Fortinet is notification + controlled/scheduled rollout, not “it upgrades itself automatically without configuration.”
-D (re-onboard with a newer version): Re-onboarding is not necessary just to upgrade; the whole point of the feature is to avoid re-onboarding for upgrades.
(Practical in production - I found this note)
There are some edge cases and limitations (for example, upgrade-rule constraints and certain Entra ID scenarios with older FortiClient versions). In those cases, you may need MDM once to move endpoints to a minimum compatible FortiClient version, and then rely on Endpoint Upgrade going forward.
A FortiSASE IT administrator has onboarded approximately 400 FortiClient agent-based users using MDM tools. The IT team is wondering whether they will need to continue using MDM tools for future FortiClient upgrades. What options are available for handling future FortiClient upgrades? (Choose one answer)
Brave-Dump Clients Votes