Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Fortinet FCP_FCT_AD-7.4 Exam - Topic 4 Question 10 Discussion

Actual exam question for Fortinet's FCP_FCT_AD-7.4 exam
Question #: 10
Topic #: 4
[All FCP_FCT_AD-7.4 Questions]

Which Fortinet solution can you integrate FortiClient with to use the single sign-on mobility agent (SSOMA) feature? (Choose one answer)

Show Suggested Answer Hide Answer
Suggested Answer: A

According to the FortiClient EMS 7.2/7.4 Administration Guide and FortiAuthenticator Study Guides, the Single Sign-On Mobility Agent (SSOMA) is a feature specifically designed to integrate with FortiAuthenticator to provide transparent, identity-based authentication.

1. Integration with FortiAuthenticator (Answer A)

The SSOMA Service: The mobility agent service is hosted on the FortiAuthenticator unit. Administrators must navigate to Fortinet SSO Methods > SSO > General on the FortiAuthenticator and toggle on Enable FortiClient SSO Mobility Agent Service.

Communication Protocol: FortiClient communicates with FortiAuthenticator via a specified TCP listening port (defaulting to 8001 or 8005) and uses a pre-shared key (secret key) for authentication.

Transparent Authentication: Once configured, the SSOMA on the endpoint automatically sends user logon information and IP address changes (such as WiFi roaming) to FortiAuthenticator. FortiAuthenticator then shares this information with FortiGate units to enforce identity-based security policies without the user needing to re-authenticate manually.

2. Modern Capabilities (Azure AD / Entra ID)

Cloud Integration: In FortiClient 7.2.1 and later, SSOMA supports native Azure AD (Entra ID). In this mode, the agent sends the Azure AD domain and tenant ID directly to FortiAuthenticator, allowing organizations to create identity-based policies for cloud-joined devices.

3. Note on FortiPAM (Option C)

Recent Updates: While recent FortiClient EMS 7.4 documentation mentions an 'Add FortiPAM agent to SSOMA' feature, this is an extension of the existing SSOMA framework. The core product that defines and runs the SSOMA service for general Single Sign-On (SSO) remains FortiAuthenticator.

4. Why Other Options are Incorrect

B . FortiSASE: While FortiSASE uses FortiClient for Secure Internet Access (SIA), it uses different mechanisms (like SAML or the SASE cloud portal) for user identity rather than the specific SSOMA agent service.

D . FortiNAC: FortiNAC uses FortiClient for persistent agent-based posture assessment and scanning, but it does not utilize the SSOMA mobility agent for user-to-IP mapping.


by Rodolfo at May 13, 2026, 10:13 PM

Limited Time Offer

25%

Off

Get Premium FCP_FCT_AD-7.4 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel

Currently there are no comments in this discussion, be the first to comment!


Save Cancel