Which option correctly describes an SP-initiated SSO SAML packet flow for a host without a SAML assertion?

Principal contacts service provider, service provider redirects principal to idendity provider, after successful authentication identify provider redirects principal to service provider.

Service provider contacts idendity provider, idendity provider validates principal for service provider, service provider establishes communication with principal.

Principal contacts idendity provider and is redirected to service provider, principal establishes connection with service provider, service provider validates authentication with identity provider.

Principal contacts idendity provider and authenticates, identity provider relays principal to service provider after valid authentication

How can a SAML metada file be used?

To import the required IDP configuration

To defined a list of trusted user names

To correlate the IDP address to its hostname

To resolve the IDP realm for authentication

Which behaviors exist for certificate revocation list (CRLs) on Fortiauthenticator? (Choose two)

CRLs contain the serial number of the certificate that has been revoked.

Revoked certificates are automatically placed on the CRL

CRLs can been exported only through the SCEP server

All local CAs share the same CRLs

You are a Fortiauthenticator administrator for a lagge organization. Users who are configured to use Fortitoken 200 for two-factor authentication can no longer authenticate. You have verified that only the user with two-factor authentication are experiencing the issue. What can couse this issue?

Time drift between Fortiauthenticator and hardware tokens

On of the fortiauthenticator devices in the active-active cluster has failed.

Fortiauthenticator has lose contact with the fortitoken cloud servers

Fortitoken 200 licence has expired

Which two capabilities does FortiAuthenticator offer when acting as a self-signed or local CA? (Choose two)

Importing other CA certificates and CRLs

Creating signing, and revoking of X.509 certificates

Validating other CA CRLs using OSCP

Merging local and remote CRLs using SCEP

Which two statements about the EAP-TTLS authentication method are true? (choose two)

Uses digital certificates only on the server side

Requires an EAP server certificate

Support a port access control (Wired) solution only

Which two statements about the self-service portal true? (Choose two)

Self-registration information can be sent to the user through email or SMS

Realms can be used to configure which seld-registered users or groups can authenticate on the network.

Administrator approval is required for all self-registration

Authenticating users must specific domain name along with username

Which two types of digital certificates can you create in fortiauthenticator? (Choose two)

Organization validation certificate

You are the administrator of a large network that includes a large local user database on the current Fortiauthenticator. You want to import all the users into a new Fortiauthenticator device. Which method should you use to migrate the local user?

Import users using RADIUS accounting update.

Import the current directory structure.

You are WI-FI provider and host multiple domains. How do you delegate user accounts, user groups and permissions per domain when they are authenticating on a single Fortiauthenticator device?

Automatically import host from each domain as they authenticate

Create multiple directory trees on FortiAuthenticator

Which two statement about the RADIUS service on Fortiauthenticator are true? (Choose two)

RADIUS users can migrated to ldap users

Fortiauthenticator answers only to RADIUS client that are registered with Fortiauthenticator

Two-factor authentication cannot be enforced when using RADIUS authentication

Only local users can be authenticated through RADIUS

You want to monitor fortiauthenticator system information and receive fortiauthenticator traps through SNMP. Which two configurations must be performed after enabling SNMP access on the fortiauthenticator interface.

Set the threshold to trigger SNMP traps

Upload management information base (MIB) Files to SNMP server

Associate an ASN, 1 mapping rule to the receiving host

Refer to the exhibit. Examine the screenshot shown in the exhibit. Which two statements regarding the configuration are true? (Choose two)

All guest accounts created using the account registration feature will be placed under the guest_portal_users group

All accounts registered through the guest portal must be validated through email

Guest users must fill in all the fields on the registration form

Guest user account will expire after eight hours

FortiAuthenticator 6.1

Authored by David Serpa

Architecture

2nd Grade

Used 5+ times

AI Actions

Add similar questions

Adjust reading levels

Convert to real-world scenario

Translate activity

More...

Content View

Student View

31 questions

Show all answers

MULTIPLE SELECT QUESTION

20 sec • 1 pt

Which two features of Fortiauthenticator are used for EAP deployment? (Choose two)

Certificate authority

LDAP server

MAC authentication bypass

RADIUS server

MULTIPLE CHOICE QUESTION

20 sec • 1 pt

Which Network configuration is required when deploying fortiauthenticator for portal services?

Fortiauthenticator must have the REST API access enable on port1

One of the DNS servers must be a Fortiguard DNS server

Fortigate must be setup as default gateway for FortiAuthenticator

Policies must have specific ports open between Fortiauthenticator and the authentication clients

MULTIPLE CHOICE QUESTION

20 sec • 1 pt

Which method is the most secure way of delivering fortitoken data once the token has been seeded?

Online activation of the tokens through the fortiguard network

Shipment of the seed files on a CD using a tamper-evident envelope

Using the in-house token provisioning toll

Automatic token generation using Fortiauthenticator

MULTIPLE SELECT QUESTION

20 sec • 1 pt

At a minimum which two configurations are required to enable guest portal services on Fortiauthenticator? (Choose two)

Configuring a portal policy

Configuring at least on post-login service

Configuring a RADIUS client

Configuring an external authentication portal

MULTIPLE SELECT QUESTION

20 sec • 1 pt

What happens when a certificate is revoked? (Choose two)

Revoked certificates cannot be reinstated for any reason

All certificates signed by a revoked CA certificate are automatically revoked

Revoked certificates are automatically added to the CRL

External CAs will periodically query Fortiauthenticator and automatically download revoked certificates

MULTIPLE SELECT QUESTION

20 sec • 1 pt

Which three of the following can be used as SSO sources? (Choose three)

Forticlient SSO Mobility Agent

SSH Sessions

FortiAuthenticator in SAML SP role

Fortigate

RADIUS accounting

MULTIPLE CHOICE QUESTION

20 sec • 1 pt

Which statement about the guest portal policies is true?

Guest portal policies apply only to authentication request coming from unknown RADIUS clients

Guest portal policies can be used only fo BYODs

Conditions in the policy apply only to guest wireless users

All conditions in the policy must match before a user is presented with the guest portal

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Popular Resources on Wayground

8 questions

Spartan Way - Classroom Responsible

Quiz

•

9th - 12th Grade

15 questions

Fractions on a Number Line

Quiz

•

3rd Grade

14 questions

Boundaries & Healthy Relationships

Lesson

•

6th - 8th Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

3 questions

Integrity and Your Health

Lesson

•

6th - 8th Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

9 questions

FOREST Perception

Lesson

•

20 questions

Main Idea and Details

Quiz

•

5th Grade

Discover more resources for Architecture

10 questions

Wayground Quiz Review for G2 Benchmark 3

Quiz

•

2nd Grade

20 questions

addition facts

Quiz

•

2nd Grade

10 questions

Telling Time to the Nearest 5 Minutes

Quiz

•

2nd Grade

30 questions

Multiplication Facts 1-12

Quiz

•

2nd - 5th Grade

7 questions

Understanding Parallel, Intersecting, and Perpendicular Lines

Interactive video

•

1st - 6th Grade

14 questions

Main Idea

Quiz

•

2nd - 3rd Grade

20 questions

Multiplication Facts

Quiz

•

2nd - 3rd Grade

10 questions

3 Digit Addition and Subtraction with Regrouping

Quiz

•

2nd - 4th Grade

FortiAuthenticator 6.1

Which two features of Fortiauthenticator are used for EAP deployment? (Choose two)

Which Network configuration is required when deploying fortiauthenticator for portal services?

Which method is the most secure way of delivering fortitoken data once the token has been seeded?

At a minimum which two configurations are required to enable guest portal services on Fortiauthenticator? (Choose two)

What happens when a certificate is revoked? (Choose two)

Which three of the following can be used as SSO sources? (Choose three)

Which statement about the guest portal policies is true?

Which option correctly describes an SP-initiated SSO SAML packet flow for a host without a SAML assertion?

How can a SAML metada file be used?

What are three key features of fortiauthenticator? (Choose three)

Access all questions and much more by creating a free account

Popular Resources on Wayground

Discover more resources for Architecture