7/5/2021 FortiNAC Quiz: Attempt review

 NSE 3 FortiNAC

Started on Monday, July 5, 2021, 8:09 AM

State Finished
Completed on Monday, July 5, 2021, 8:18 AM
Time taken 9 mins 34 secs
Points 9/10
Grade 90 out of 100
Feedback Congratulations, you passed!

Question 1 Which three Fortinet products can be integrated with FortiNAC as part of the Fortinet Security Fabric? (Choose three.)
Correct

1 points out of 1 Select one or more:

FortiGate 

FortiClient 

FortiToken

FortiSIEM 

FortiPhone

Question 2 Which three pain points have contributed to the exponential growth of NAC? (Choose three.)
Correct

1 points out of 1 Select one or more:

Technology within a corporation is sometimes not aligned with business objectives

The proliferation of the Internet of Things (IoT) and wanting to apply zero trust principles to these devices 

Network administrators lack the visibility to identify and monitor all of the devices on the network 

SQL injection, an increasingly popular technique, exploits a security vulnerability in an application’s software

For regulatory compliance, CISOs need proof that the enterprise is controlling and monitoring its network 

Question 3 Given the prevalence of IoT and BYOD devices on networks, what is one question that is difficult for IT to answer without NAC?
Correct

1 points out of 1 Select one:

What ports and IPs have been blocked on your network?

What devices are on your network? 

How many DDoS attacks have you experienced in the last six months?

How many emails are sent and received daily from your email server?

Question 4 Which statement describes zero trust?

Correct

1 points out of 1 Select one:

Users and devices can request access to a resource only one time, and if they are denied, any additional attempts to access the
resource are denied

Every time a user or device requests network access to a resource, the device and user must first be verified before any access is
given. 

Once a user or device is granted access to a network resource, for continued access there is zero re-evaluation of the user’s or
device’s attributes.

Once a user or device is granted access to a network resource, the user or device gains access to all network resources.

https://training.fortinet.com/mod/quiz/review.php?attempt=7542586&cmid=126496 1/3
7/5/2021 FortiNAC Quiz: Attempt review

Question 5 What is a key capability of FortiNAC?

Correct

1 points out of 1 Select one:

FortiNAC monitors the network continuously and responds automatically when a triggering event is observed. 

FortiNAC authenticates all devices and users before they can access the network.

FortiNAC protects the network from a distributed denial of service attack by blocking traffic that surpasses prescribed
thresholds.

FortiNAC segments the network according to subnet mask and IP address.

Question 6 Which question is most relevant as a FortiNAC discovery question to a prospect?

Incorrect

0 points out of 1 Select one:

“How do you know if your network has been breached?”

“Do you have too many IoT devices in your network?” 

“Do you intend to have user identity information shared across your network?”

“Do you want to deploy a Zero Trust approach to the devices on the network??”

Question 7 What is a correct response for a prospect asking “We are not a Fortinet customer, would FortiNAC work in my network?”?
Correct

1 points out of 1 Select one:

“Yes, if you purchase FortiIntegrator as well, which can be used with FortiNAC to configure network and security devices from
most other vendors.”

“Yes, but you would have to replace the majority of your devices with Fortinet devices.”

“Yes, FortiNAC supports more than 170 vendors and excels in multi-vendor environments.” 

“Yes, as long as you use the VM version of FortiNAC.”

Question 8 What are two steps FortiNAC performs in the process of identifying a device on the network? (Choose two.)
Correct

1 points out of 1 Select one or more:

FortiNAC communicates with FortiGuard Labs to obtain the latest antivirus signatures.

After a device connects to a switch, FortiNAC communicates with the switch to obtain the device’s MAC address. 

FortiNAC identifies the TCP port numbers the device is using to determine if they are expected for that type of device. 

FortiNAC moves the application running on the device to an isolated environment for analysis until the device can be identified.

Question 9 Which two key capabilities does FortiNAC offer customers? (Choose two.)
Correct

1 points out of 1 Select one or more:

Filtration—FortiNAC filters web traffic and stops any known malware

Segmentation—FortiNAC segments the network by device so that the device can only access those assets it requires 

Visibility—FortiNAC provides identification, profiling, and vulnerability scanning of devices 

Malware containment and analysis—FortiNAC  an application to an isolated environment to analyze it for potential

Question 10 Which two statements are true about target verticals and industries for FortiNAC? (Choose two.)
Correct

1 points out of 1 Select one or more:

Higher education and healthcare have been aggressive adopters of NAC. 

For the most part only small businesses are interested in NAC.

Gi h i fI Td
https://training.fortinet.com/mod/quiz/review.php?attempt=7542586&cmid=126496
i i k d F iNAC i li bl ll i l  2/3
7/5/2021 FortiNAC Quiz: Attempt review
Given the pervasiveness of IoT devices in networks today, FortiNAC is applicable to all verticals. 

As governments do not permit BYOD devices on their networks, this vertical has been slow to adopt NAC.

https://training.fortinet.com/mod/quiz/review.php?attempt=7542586&cmid=126496 3/3