Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

Fortinet Exam NSE7_ZTA-7.2 Topic 4 Question 1 Discussion

Actual exam question for Fortinet's NSE7_ZTA-7.2 exam
Question #: 1
Topic #: 4
[All NSE7_ZTA-7.2 Questions]

Exhibit.

Based on the ZTNA logs provided, which statement is true?

Show Suggested Answer Hide Answer
Suggested Answer: A

Based on the ZTNA logs provided, the true statement is:

A) The Remote_user ZTNA tag has matched the ZTNA rule: The log includes a user tag 'ztna_user' and a policy name 'External_Access_FAZ', which suggests that the ZTNA tag for 'Remote_User' has successfully matched the ZTNA rule defined in the policy to allow access.

The other options are not supported by the information in the log:

B) An authentication scheme is configured: The log does not provide details about an authentication scheme.

C) The external IP for ZTNA server is 10.122.0.139: The log entry indicates 'dstip=10.122.0.139' which suggests that this is the destination IP address for the traffic, not necessarily the external IP of the ZTNA server.

D) Traffic is allowed by firewall policy 1: The log entry 'policyid=1' indicates that the traffic is matched to firewall policy ID 1, but it does not explicitly state that the traffic is allowed; although the term 'action=accept' suggests that the action taken by the policy is to allow the traffic, the answer option D could be considered correct as well.


Interpretation of FortiGate ZTNA Log Files.

Analyzing Traffic Logs for Zero Trust Network Access.

by Daron at Jan 25, 2024, 08:38 AM

Limited Time Offer

25%

Off

Get Premium NSE7_ZTA-7.2 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Vernell
24 days ago
Hmm, I'm not seeing any mention of a firewall policy in the logs. I think option D is a bit of a stretch. But hey, stranger things have happened in these exams, am I right?
upvoted 0 times
...
Rochell
25 days ago
Ha, I don't know about you, but I'm pretty sure the external IP for the ZTNA server isn't 10.122.0.139. That's just a random IP address, right?
upvoted 0 times
...
Malinda
26 days ago
Well, the logs show that an authentication scheme is configured, so I'm inclined to go with option B. That seems like the most straightforward answer.
upvoted 0 times
Alecia
4 days ago
Looks like we all agree on option B then.
upvoted 0 times
...
Charlene
5 days ago
Agreed, option B is the most logical choice.
upvoted 0 times
...
Mirta
6 days ago
Good point, let's stick with option B.
upvoted 0 times
...
Lashon
7 days ago
I don't think option A is correct because it doesn't mention authentication.
upvoted 0 times
...
Matthew
8 days ago
But what about option A?
upvoted 0 times
...
Herman
9 days ago
Yes, that makes sense.
upvoted 0 times
...
Lauran
10 days ago
B) An authentication scheme is configured
upvoted 0 times
...
Lettie
11 days ago
1
upvoted 0 times
...
Maile
12 days ago
1
upvoted 0 times
...
...
Lavonna
27 days ago
Hmm, this question seems a bit tricky. I'm not sure if the ZTNA tag matching is the right answer here. What do you guys think?
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77