Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Fortinet Exam NSE7_ZTA-7.2 Topic 4 Question 18 Discussion

Actual exam question for Fortinet's NSE7_ZTA-7.2 exam
Question #: 18
Topic #: 4
[All NSE7_ZTA-7.2 Questions]

Exhibit.

Which statement is true about the hr endpoint?

Show Suggested Answer Hide Answer
Suggested Answer: A

Based on the ZTNA logs provided, the true statement is:

A) The Remote_user ZTNA tag has matched the ZTNA rule: The log includes a user tag 'ztna_user' and a policy name 'External_Access_FAZ', which suggests that the ZTNA tag for 'Remote_User' has successfully matched the ZTNA rule defined in the policy to allow access.

The other options are not supported by the information in the log:

B) An authentication scheme is configured: The log does not provide details about an authentication scheme.

C) The external IP for ZTNA server is 10.122.0.139: The log entry indicates 'dstip=10.122.0.139' which suggests that this is the destination IP address for the traffic, not necessarily the external IP of the ZTNA server.

D) Traffic is allowed by firewall policy 1: The log entry 'policyid=1' indicates that the traffic is matched to firewall policy ID 1, but it does not explicitly state that the traffic is allowed; although the term 'action=accept' suggests that the action taken by the policy is to allow the traffic, the answer option D could be considered correct as well.


Interpretation of FortiGate ZTNA Log Files.

Analyzing Traffic Logs for Zero Trust Network Access.

by Stefanie at Aug 04, 2024, 03:01 PM

Limited Time Offer

25%

Off

Get Premium NSE7_ZTA-7.2 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Francesco
21 days ago
Hmm, the endpoint seems to be a bit of a wild card here. Maybe it's a secret backdoor for the HR department to snoop on everyone? Option C it is!
upvoted 0 times
Huey
1 days ago
User 2: Yeah, that could be a possibility.
upvoted 0 times
...
Colette
2 days ago
User 1: I think the endpoint is unauthenticated.
upvoted 0 times
...
...
Shonda
27 days ago
I'm going with C as well. Unauthenticated endpoints are just begging to be exploited. Someone needs to put a lock on that thing before it causes any trouble.
upvoted 0 times
...
Tamra
1 months ago
Haha, I bet the IT team is having a field day trying to figure out who left the hr endpoint wide open like that. Option C all the way!
upvoted 0 times
Selma
10 days ago
User 1: I agree, option C seems like the most likely scenario.
upvoted 0 times
...
...
Marla
1 months ago
I think the endpoint has been marked at risk, which is option D. That seems like the most logical answer based on the information provided in the exhibit.
upvoted 0 times
...
Werner
2 months ago
I'm not sure, but I think C) The endpoint is unauthenticated could also be a possibility.
upvoted 0 times
...
Melissa
2 months ago
The correct answer is C. The endpoint is unauthenticated, which means it doesn't require any authentication to access it. This could be a potential security vulnerability that needs to be addressed.
upvoted 0 times
Micheal
28 days ago
That's a security risk. It should be addressed.
upvoted 0 times
...
Micheal
1 months ago
I think the correct answer is C. The endpoint is unauthenticated.
upvoted 0 times
...
...
Rex
2 months ago
I agree with Carlton, because the endpoint seems to have some security issue.
upvoted 0 times
...
Carlton
2 months ago
I think the answer is D) The endpoint has been marked at risk.
upvoted 0 times
...

Save Cancel