Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

Fortinet Exam NSE7_LED-7.0 Topic 1 Question 33 Discussion

Actual exam question for Fortinet's NSE7_LED-7.0 exam
Question #: 33
Topic #: 1
[All NSE7_LED-7.0 Questions]

Refer to the exhibit.

Examine the FortiGate configuration FortiAnalyzer logs and FortiGate widget shown in the exhibit

An administrator is testing the Security Fabric quarantine automation The administrator added FortiAnalyzer to the Security Fabric and configured an automation stitch to automatically quarantine compromised devices The test device (::.:.:.!) s connected to a managed Fort Switch dev :e

After trying to access a malicious website from the test device, the administrator verifies that FortiAnalyzer has a log (or the test connection However the device is not getting quarantined by FortiGate as shown in the quarantine widget

Which two scenarios are likely to cause this issue? (Choose two)

Show Suggested Answer Hide Answer
Suggested Answer: A, B

According to the exhibit, the wireless guest users are getting a certificate error while loading the captive portal login page. This means that the browser cannot verify the identity of the server that is hosting the login page. Therefore, option A is true because the external server FQDN is incorrect, which means that it does not match the common name or subject alternative name of the server certificate. Option B is also true because the wireless user's browser is missing a CA certificate, which means that it does not have the root or intermediate certificate that issued the server certificate. Option C is false because the FortiGate authentication interface address is using HTTPS, which is a secure protocol that encrypts the communication between the browser and the server. Option D is false because the user address is not in DDNS form, which is not related to the certificate error.


by Nan at Nov 19, 2024, 04:28 AM

Limited Time Offer

25%

Off

Get Premium NSE7_LED-7.0 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Jenelle
1 months ago
Ah, the old 'web filtering not working' trick. Classic Fortinet move. I bet the admin is sitting there, scratching their head, wondering why their fancy automation isn't working. At least they know where to start troubleshooting now!
upvoted 0 times
...
Zack
1 months ago
I'm going with B and D. FortiAnalyzer needs the right licenses to detect threats, and if it doesn't see the website as an IOC, the quarantine automation won't work. Gotta love these tricky Fortinet questions!
upvoted 0 times
Susy
1 days ago
And if it doesn't see the website as a threat, then the quarantine automation won't kick in.
upvoted 0 times
...
Devora
2 days ago
Yeah, without the right licenses, FortiAnalyzer won't be able to detect the threats properly.
upvoted 0 times
...
Howard
8 days ago
I agree with you, B and D seem like the most likely scenarios causing the issue.
upvoted 0 times
...
...
Janey
1 months ago
Haha, the device doesn't have FortiClient? What is this, the dark ages? Every device should have client security these days. But seriously, that's not the issue here.
upvoted 0 times
Allene
13 days ago
B) FortiAnalyzer does not have a valid threat detection services license
upvoted 0 times
...
Mabelle
16 days ago
A) The web filtering rating service is not working
upvoted 0 times
...
...
Bette
1 months ago
Wait, why would FortiAnalyzer need a threat detection services license to log the connection? That doesn't make sense. I'd go with option D - FortiAnalyzer doesn't consider the website an IOC, so it's not triggering the quarantine.
upvoted 0 times
Deja
8 days ago
Yeah, without considering the website as an IOC, FortiGate won't quarantine the device. Option D makes sense.
upvoted 0 times
...
Latricia
17 days ago
I agree, if FortiAnalyzer doesn't see the website as a threat, then it won't trigger the quarantine.
upvoted 0 times
...
Fausto
1 months ago
Option D seems like the most likely reason. The website might not be flagged as a threat by FortiAnalyzer.
upvoted 0 times
...
...
Samuel
2 months ago
I think the issue is with the web filtering rating service. If it's not working, FortiGate won't be able to identify the malicious website and trigger the quarantine automation.
upvoted 0 times
Melina
1 months ago
B) FortiAnalyzer does not have a valid threat detection services license
upvoted 0 times
...
Tamar
1 months ago
A) The web filtering rating service is not working
upvoted 0 times
...
...
Claribel
2 months ago
But what if FortiAnalyzer does not consider the malicious website as an indicator of compromise? That could also be a possible scenario causing the issue.
upvoted 0 times
...
Laurena
2 months ago
I agree with Francine. If the web filtering service is not working, then the device won't get quarantined.
upvoted 0 times
...
Francine
2 months ago
I think the issue might be with the web filtering rating service.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77