● FCP - FortiAuthenticator 6.5 Administrator Exam Materials
Please note that the exam "FCP - FortiAuthenticator 6.5 Administrator" is no longer offered by Fortinet and is not available for booking through Pearson VUE, so we opened it on free view,
Question #11
Question #12
Which two types of digital certificates can you create in FortiAuthenticator? (Choose two answers)
- A. Third-party root certificate
- B. User certificate
- C. Organization validation certificate
- D. Local services certificate
Question #13
An administrator has an active directory (AD) server integrated with FortiAuthenticator. They want members of only specific AD groups to participate in FSSO with their corporate FortiGate firewalls.
How does the administrator accomplish this goal?
(Choose one answer)
- A. Configure fine-grained controls on FortiAuthenticator to designate AD groups.
- B. Configure a domain groupings list to identify the desired AD groups.
- C. Configure SSO groups and assign them to FortiGate groups.
- D. Configure a FortiGate filter on FortiAuthenticator.
Question #14
You are a Wi-Fi provider and host multiple domains.
How do you delegate user accounts, user groups and permissions per domain when they are authenticating on a single FortiAuthenticator device?
(Choose one answer)
- A. Create multiple directory trees on FortiAuthenticator.
- B. Create realms.
- C. Automatically import hosts from each domain as they authenticate.
- D. Create user groups.
Question #15
You are a FortiAuthenticator administrator for a large organization. Users who are configured to use FortiToken 200 for two-factor authentication can no longer authenticate. You have verified that only the users with two-factor authentication are experiencing the issue.
What can cause this issue?
(Choose one answer)
- A. FortiAuthenticator has lost contact with the FortiToken Cloud servers
- B. Time drift between FortiAuthenticator and hardware tokens
- C. FortiToken 200 license has expired
- D. One of the FortiAuthenticator devices in the active-active cluster has failed
Question #16
You are the administrator of a global enterprise with three FortiAuthenticator devices. You would like to deploy them to provide active-passive HA at headquarters, with geographically distributed load balancing.
What would the role settings be?
(Choose one answer)
- A. Two cluster members and one backup
- B. Two cluster members and one load balancer
- C. One standalone and two load balancers
- D. One standalone primary, one cluster member, and one load balancer
Question #17
Which FSSO discovery method transparently detects logged off users without having to rely on external features such as WMI polling? (Choose one answer)
- A. FortiClient SSO mobility agent
- B. Windows AD polling
- C. DC polling
- D. RADIUS accounting
Question #18
An administrator is integrating FortiAuthenticator with an existing RADIUS server with the intent of eventually replacing the RADIUS server with FortiAuthenticator.
How can FortiAuthenticator help facilitate this process?
(Choose one answer)
- A. By configuring the RADIUS accounting proxy
- B. By enabling learning mode in the RADIUS server configuration
- C. By enabling automatic REST API calls from the RADIUS server
- D. By importing the RADIUS user records
Question #19
Which statement about the assignment of permissions for sponsor and administrator accounts is true? (Choose one answer)
- A. Sponsor permissions are assigned using group settings.
- B. Only administrator accounts permissions are assigned using admin profiles.
- C. Administrator capabilities are assigned by applying permission sets to admin groups.
- D. Both sponsor and administrator account permissions are assigned using admin profiles.
Question #20
You want to monitor FortiAuthenticator system information and receive FortiAuthenticator traps through SNMP.
Which two configurations must be performed after enabling SNMP access on the FortiAuthenticator interface?
(Choose two answers)
- A. Associate an ASN.1 mapping rule to the receiving host.
- B. Upload management information base (MIB) files to SNMP server.
- C. Set the thresholds to trigger SNMP traps.
- D. Enable logging services.
Which two features of FortiAuthenticator are used for EAP deployment? (Choose two answers)