When deploying FortiSASE agent-based clients, which three features are available compared to an agentless solution? (Choose three.)
When deploying FortiSASE agent-based clients, which three features are available compared to an agentless solution? (Choose three.)A . Vulnerability scanB . SSL inspectionC . Anti-ransomware protectionD . Web filterE . ZTNA tagsView AnswerAnswer: ABD Explanation: When deploying FortiSASE agent-based clients, several features are available that are not typically available with...
To allow access, which web tiller configuration must you change on FortiSASE?
Refer to the exhibit. To allow access, which web tiller configuration must you change on FortiSASE?A . FortiGuard category-based filterB . content filterC . URL FilterD . inline cloud access security broker (CASB) headersView AnswerAnswer: C Explanation: The exhibit indicates that the URL https://www.bbc.com/ is being blocked due to containing...
Which policy type is used to control traffic between the FortiClient endpoint to FortiSASE for secure internet access?
Which policy type is used to control traffic between the FortiClient endpoint to FortiSASE for secure internet access?A . VPN policyB . thin edge policyC . private access policyD . secure web gateway (SWG) policyView AnswerAnswer: D Explanation: The Secure Web Gateway (SWG) policy is used to control traffic between...
Which FortiSASE feature ensures least-privileged user access to all applications?
Which FortiSASE feature ensures least-privileged user access to all applications?A . secure web gateway (SWG)B . SD-WANC . zero trust network access (ZTNA)D . thin branch SASE extensionView AnswerAnswer: C Explanation: Zero Trust Network Access (ZTNA) is the FortiSASE feature that ensures least-privileged user access to all applications. ZTNA operates...
When remote users connected to FortiSASE require access to internal resources on Branch-2. how will traffic be routed?
Refer to the exhibits. When remote users connected to FortiSASE require access to internal resources on Branch-2. how will traffic be routed?A . FortiSASE will use the SD-WAN capability and determine that traffic will be directed to HUB-2. which will then route traffic to Branch-2.B . FortiSASE will use the...
Which application override action must you configure in the Application Control with Inline-CASB?
An organization wants to block all video and audio application traffic but grant access to videos from CNN. Which application override action must you configure in the Application Control with Inline-CASB?A . AllowB . PassC . PermitD . ExemptView AnswerAnswer: D Explanation: To block all video and audio application traffic...
What are two advantages of using zero-trust tags? (Choose two.)
What are two advantages of using zero-trust tags? (Choose two.)A . Zero-trust tags can be used to allow or deny access to network resourcesB . Zero-trust tags can determine the security posture of an endpoint.C . Zero-trust tags can be used to create multiple endpoint profiles which can be applied...
Which role does FortiSASE play in supporting zero trust network access (ZTNA) principles9
Which role does FortiSASE play in supporting zero trust network access (ZTNA) principles9A . It offers hardware-based firewalls for network segmentation.B . It integrates with software-defined network (SDN) solutions.C . It can identify attributes on the endpoint for security posture check.D . It enables VPN connections for remote employees.View AnswerAnswer:...
Which configuration change must the administrator make to get proper user information?
Refer to the exhibit. In the user connection monitor, the FortiSASE administrator notices the user name is showing random characters. Which configuration change must the administrator make to get proper user information?A . Turn off log anonymization on FortiSASE.B . Add more endpoint licenses on FortiSASE.C . Configure the username...
Which configuration on FortiSASE is allowing users to perform the download?
Refer to the exhibits. A FortiSASE administrator has configured an antivirus profile in the security profile group and applied it to the internet access policy. Remote users are still able to download the eicar.com-zip file from https://eicar.org. Traffic logs show traffic is allowed by the policy. Which configuration on FortiSASE...