Fortinet fcp fct ad 7 2 practice test
fcp - forti client ems 7.2 administrator
Question 1
Refer to the exhibit.
Based on the FortiClient logs shown in the exhibit, which endpoint profile policy is currently applied to the FortiClient endpoint from the EMS server?
- A. Fortinet-Training
- B. Default configuration policy
- C. Compliance rules default
- D. Default
Answer:
a
Question 2
What does FortiClient do as a fabric agent? (Choose two.)
- A. Provides IOC verdicts
- B. Creates dynamic policies
- C. Provides application inventory
- D. Automates Responses
Answer:
cd
Question 3
Refer to the exhibits, which show the Zero Trust Tag Monitor and the FortiClient GUI status.
Remote-Client is tagged as Remote-Users on the FortiClient EMS Zero Trust Tag Monitor.
What must an administrator do to show the tag on the FortiClient GUI?
- A. Change the FortiClient EMS shared settings to enable tag visibility.
- B. Change the endpoint alerts configuration to enable tag visibility.
- C. Update tagging rule logic to enable tag visibility.
- D. Change the FortiClient system settings to enable tag visibility.
Answer:
d
Question 4
A FortiClient EMS administrator has enabled the compliance rule for the sales department.
Which Fortinet device will enforce compliance with dynamic access control?
- A. FortiClient
- B. FortiClient EMS
- C. FortiGate
- D. FortiAnalyzer
Answer:
c
Question 5
Refer to the exhibit.
Based on the settings shown in the exhibit, which statement about FortiClient behaviour is true?
- A. FortiClient scans infected files when the user copies files to the Resources folder.
- B. FortiClient quarantines infected files and reviews later, alter scanning them.
- C. FortiClient copies infected files to the Resources folder without scanning them.
- D. FortiClient blocks and deletes infected files alter scanning them.
Answer:
c
Question 6
An administrator must add an authentication server on FortiClient EMS in a different security zone that cannot allow a direct connection.
Which solution can provide secure access between FortiClient EMS and the Active Directory server?
- A. Configure and deploy a FortiGate device between FortiClient EMS and the Active Directory server.
- B. Configure Active Directory and install FortiClient EMS on the same VM.
- C. Configure a slave FortiClient EMS on a virtual machine.
- D. Configure an Active Directory connector between FortiClient EMS and the Active Directory server.
Answer:
d
Question 7
What action does FortiClient anti-exploit detection take when it detects exploits?
- A. Deletes the compromised application process
- B. Patches the compromised application process
- C. Blocks memory allocation to the compromised application process
- D. Terminates the compromised application process
Answer:
d
Question 8
Refer to the exhibit.
Based on the settings shown in the exhibit, which action will FortiClient take when users try to access www.facebook.com?
- A. FortiClient will allow access to Facebook.
- B. FortiClient will block access to Facebook and its subdomains.
- C. FortiClient will monitor only the user's web access to the Facebook website.
- D. FortiClient will prompt a warning message to warn the user before they can access the Facebook website.
Answer:
a
Question 9
Refer to the exhibit, which shows FortiClient EMS deployment profiles.
When an administrator creates a deployment profile on FortiClient EMS, which statement about the deployment profile is true?
- A. Deployment-2 will upgrade FortiClient on both the AD group and workgroup.
- B. Deployment-1 will install FortiClient on new AD group endpoints.
- C. Deployment-2 will install FortiClient on both the AD group and workgroup.
- D. Deployment-1 will upgrade FortiClient only on the workgroup.
Answer:
a
Question 10
Refer to the exhibit.
Based on the FortiClient log details shown in the exhibit, which two statements are true? (Choose two.)
- A. The filename is Unconfirmed 899290.crdownload.
- B. The file status is Quarantined.
- C. The filename is sent to FortiSandbox for further inspection.
- D. The file location is \??\D:\Users\.
Answer:
ab