Fortinet NSE7_LED-7.0 Fortinet NSE 7 – LAN Edge 7.0 Online Training
Fortinet NSE7_LED-7.0 Online Training
The questions for NSE7_LED-7.0 were last updated at Nov 19,2024.
- Exam Code: NSE7_LED-7.0
- Exam Name: Fortinet NSE 7 - LAN Edge 7.0
- Certification Provider: Fortinet
- Latest update: Nov 19,2024
Refer to the exhibits
The exhibits show the wireless network (VAP) SSID profiles defined on FortiManager and an AP profile assigned to a group of APs that are supported by FortiGate None of the APs are broadcasting the SSlDs defined by the AP profile
Which changes do you need to make to enable the SSIDs to broadcast?
- A . In the SSIDs section enable Tunnel
- B . Enable one channel in the Channels section
- C . Enable multiple channels in the Channels section and enable Radio Resource Provision
- D . In the SSIDs section enable Manual and assign the networks manually
Which two statements about the guest portal on FortiAuthenticator are true? (Choose two.)
- A . Each remote user on FortiAuthenticator can sponsor up to 10 guest accounts
- B . Administrators must approve all guest accounts before they can be used
- C . The guest portal provides pre and post-log in services
- D . Administrators can use one or more incoming parameters to configure a mapping rule for the guest portal
Refer to the exhibit.
Exhibit.
Refer to the exhibits
In the wireless configuration shown in the exhibits, an AP is deployed in a remote site and has a wireless network (VAP) called Corporate deployed to it
The network is a tunneled network however clients connecting to a wireless network require access to a local printer Clients are trying to print to a printer on the remote site but are unable to do so.
Which configuration change is required to allow clients connected to the Corporate SSID to print locally?
- A . Configure split-tunneling in the vap configuration
- B . Configure split-tunneling in the wtp-profile configuration
- C . Disable the Block Intra-SSID Traffic (intra-vap-privacy) setting on the SSID (VAP) profile
- D . Configure the printer as a wireless client on the Corporate wireless network
Refer to the exhibit.
Examine the FortiManager configuration and FortiGate CLI output shown in the exhibit
An administrator is testing the NAC feature The test device is connected to a managed FortiSwitch device {S224EPTF19"537)onpOrt2
After applying the NAC policy on port2 and generating traffic on the test device the test device is not matching the NAC policy therefore the test device remains m the onboarding VLAN
Based on the information shown in the exhibit which two scenarios are likely to cause this issue? (Choose two.)
- A . Management communication between FortiGate and FortiSwitch is down
- B . The MAC address configured on the NAC policy is incorrect
- C . The device operating system detected by FortiGate is not Linux
- D . Device detection is not enabled on VLAN 4089
Refer to the exhibit.
Examine the FortiManager information shown in the exhibit
Which two statements about the FortiManager status are true” (Choose two)
- A . FortiSwitch manager is working in per-device management mode
- B . FortiSwitch is not authorized
- C . FortiSwitch manager is working in central management mode
- D . FortiSwitch is authorized and offline
An administrator has configured an SSID in bridge mode for corporate employees All APs are online and provisioned using default AP profiles Employees are unable to locate the SSID to conned
Which two configurations can the administrator verify? (Choose two)
- A . Verify that the broadcast SSID option is enabled in the SSID configuration
- B . Verify that the Block Intra-SSID Traffic (intra-vap-privacy) option in the SSID configuration is disabled
- C . Verify that the SSID to an AP group that should be broadcasting the SSID is applied
- D . Verify that the SSID is manually applied on AP profiles for both 2 4 GHz and 5 GHz radios
What is the purpose of enabling Windows Active Directory Domain Authentication on FortiAuthenticator?
- A . It enables FortiAuthenticator to use Windows administrator credentials to perform an LDAP lookup for a user search
- B . It enables FortiAuthenticator to use a Windows CA certificate when authenticating RADIUS users
- C . It enables FortiAuthenticator to import users from Windows AD
- D . It enables FortiAuthenticator to register itself as a Windows trusted device to proxy authentication using Kerberos
Refer to the exhibits.
Firewall Policy
Examine the firewall policy configuration and SSID settings
An administrator has configured a guest wireless network on FortiGate using the external captive portal The administrator has verified that the external captive portal URL is correct However wireless
users are not able to see the captive portal login page
Given the configuration shown in the exhibit and the SSID settings which configuration change should the administrator make to fix the problem?
- A . Disable the user group from the SSID configuration
- B . Enable the captivs-portal-exempt option in the firewall policy with the ID 11.
- C . Apply a guest.portal user group in the firewall policy with the ID 11.
- D . Include the wireless client subnet range in the Exempt Source section
Refer to the exhibit.
Examine the FortiGate user group configuration and the Windows AD LDAP group membership information shown in the exhibit
FortiGate is configured to authenticate SSL VPN users against Windows AD using LDAP The administrator configured the SSL VPN user group for SSL VPN users However the administrator noticed that both the student and j smith users can connect to SSL VPN
Which change can the administrator make on FortiGate to restrict the SSL VPN service to the student user only?
- A . In the SSL VPN user group configuration set Group Nam© to CN-SSLVPN, CN="users, DC-trainingAD, DC-training, DC-lab
- B . In the SSL VPN user group configuration, change Name to cn=sslvpn, CN=users, DC=trainingAD, Detraining, DC-lab.
- C . In the SSL VPN user group configuration set Group Name to ::;=Domain users.CN-Users/DC=trainingAD, DC-training, DC=lab.
- D . In the SSL VPN user group configuration change Type to Fortinet Single Sign-On (FSSO)
Refer to the exhibits.
Exhibit.
Examine the troubleshooting outputs shown in the exhibits
Users have been reporting issues with the speed of their wireless connection in a particular part of the wireless network The interface that is having issues is the 2 4 GHz interface that is currently configured on channel 6
The administrator of the wireless network has investigated and surveyed the local RF environment using the tools available at the AP and FortiGate
Which configuration would improve the wireless connection?
- A . Change the AP 2 4 GHz channel to 11
- B . Change the AP 2 4 GHz channel to 1.
- C . Change the AP 2 4 GHz channel to 9.
- D . Change the AP 2 4 GHz channel to 13.
Latest NSE7_LED-7.0 Dumps Valid Version with 37 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund
