Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Fortinet Exam FCP_FCT_AD-7.2 Topic 1 Question 3 Discussion

Actual exam question for Fortinet's FCP_FCT_AD-7.2 exam
Question #: 3
Topic #: 1
[All FCP_FCT_AD-7.2 Questions]

Refer to the exhibits.

Based on the FortiGate Security Fabric settings shown in the exhibits, what must an administrator do on the EMS server to successfully quarantine an endpoint. when it is detected as a compromised host (loC)?

Show Suggested Answer Hide Answer
Suggested Answer: A

Based on the FortiGate Security Fabric settings shown in the exhibits, to successfully quarantine an endpoint when it is detected as a compromised host (IOC), the following step is required:

Enable Remote HTTPS Access to EMS: This setting allows FortiGate to communicate securely with FortiClient EMS over HTTPS. Remote HTTPS access is essential for the quarantine functionality to operate correctly, enabling the EMS server to receive and act upon the quarantine commands from FortiGate.

Therefore, the administrator must enable remote HTTPS access to EMS to allow the quarantine process to function properly.

Reference

FortiGate Infrastructure 7.2 Study Guide, Security Fabric and Integration with EMS Sections

Fortinet Documentation on Enabling Remote HTTPS Access to FortiClient EMS


by Winfred at Jun 01, 2024, 08:07 PM

Limited Time Offer

25%

Off

Get Premium FCP_FCT_AD-7.2 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Marta
10 months ago
You got that right, Elbert! This certification is no joke. Better study up on that FortiGate Security Fabric configuration if you want to pass.
upvoted 0 times
Geraldo
9 months ago
Make sure to review the FortiGate Security Fabric settings in the exhibits to be fully prepared.
upvoted 0 times
...
Boris
9 months ago
That's correct. SSH access is needed for the EMS server to quarantine an endpoint.
upvoted 0 times
...
Shawana
10 months ago
I think the administrator must enable SSH access to EMS for successful quarantine.
upvoted 0 times
...
Toshia
10 months ago
I know, this certification exam is no joke. I've been studying hard.
upvoted 0 times
...
...
Elbert
10 months ago
Haha, I bet the exam writers are having a field day coming up with these trick questions. Just when you think you've got it, they throw in another twist!
upvoted 0 times
...
Sol
10 months ago
That's a good point, Carmen. But I think the key here is the authorization on the FortiAnalyzer. Without that, the quarantine process won't work, no matter what else we do.
upvoted 0 times
...
Carmen
10 months ago
Hmm, I'm not sure about that. Shouldn't we also enable remote HTTPS access to the EMS server? I mean, how else is the FortiGate going to communicate with it?
upvoted 0 times
Marylin
10 months ago
Maybe enabling FQDN on EMS could also help in successfully quarantining an endpoint.
upvoted 0 times
...
Aileen
10 months ago
I think you're right. Enabling remote HTTPS access to the EMS server seems necessary for communication.
upvoted 0 times
...
...
Alishia
11 months ago
I agree with Nickolas. The exhibits show the FortiGate Security Fabric settings, and the question is asking about the actions required on the EMS server. Authorizing the FortiGate on the FortiAnalyzer seems like the logical step.
upvoted 0 times
Kenny
10 months ago
I agree, authorizing FortiGate on FortiAnalyzer seems like the right step.
upvoted 0 times
...
Mabel
10 months ago
I think enabling SSH access to EMS might also be necessary.
upvoted 0 times
...
...
Nickolas
11 months ago
The answer seems to be C. The FortiGate needs to be authorized on the FortiAnalyzer to successfully quarantine the endpoint.
upvoted 0 times
Malissa
10 months ago
That makes sense. Option C it is then.
upvoted 0 times
...
Yvette
11 months ago
Yes, I agree. FortiGate needs to be authorized on FortiAnalyzer for successful quarantine.
upvoted 0 times
...
Mariann
11 months ago
I think you're right, option C seems to be the correct one.
upvoted 0 times
...
...
Jesusita
12 months ago
I disagree, I believe the correct answer is D) The administrator must enable SSH access to EMS.
upvoted 0 times
...
Jacob
12 months ago
I think the answer is A) The administrator must enable remote HTTPS access to EMS.
upvoted 0 times
...

Save Cancel
a