Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25

- Free Preparation Discussions

Fortinet Exam NSE6_FAC-6.4 Topic 3 Question 17 Discussion

Actual exam question for Fortinet's NSE6_FAC-6.4 exam

Question #: 17
Topic #: 3

[All NSE6_FAC-6.4 Questions]

An administrator wants to keep local CA cryptographic keys stored in a central location.

Which FortiAuthenticator feature would provide this functionality?

ASCEP support

BREST API

CNetwork HSM

DSFTP server

Show Suggested Answer

Suggested Answer: A, D

FortiAuthenticator can be configured as a SAML identity provider (IdP) or a SAML service provider (SP). As an IdP, FortiAuthenticator authenticates users and issues SAML assertions to SPs. As an SP, FortiAuthenticator receives SAML assertions from IdPs and grants access to users based on the attributes in the assertions. Principal and assertion server are not valid SAML roles. Reference: https://docs.fortinet.com/document/fortiauthenticator/6.4/administration-guide/372407/saml

by Galen at Mar 08, 2024, 11:00 AM

Limited Time Offer

25%

Off

Get Premium NSE6_FAC-6.4 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Jamal

1 months ago

This question is a piece of cake! C. Network HSM all the way. Now, where can I get one of those miniature HSMs for my desk?

upvoted 0 times

Laurene

21 hours ago

Yeah, it would definitely keep the keys secure in a central location.

upvoted 0 times

...

Florinda

5 days ago

I think you're right, Network HSM sounds like the best option.

upvoted 0 times

...

Louis

7 days ago

C. Network HSM

upvoted 0 times

...

...

Alica

1 months ago

Hmm, I'm torn between B and C. Maybe I should just ask the admin to buy me a fancy HSM for my birthday.

upvoted 0 times

...

Glory

1 months ago

D. SFTP server? Really? That's just asking for trouble. Gotta go with C on this one.

upvoted 0 times

Gracia

14 days ago

C) Network HSM

upvoted 0 times

...

Lucia

16 days ago

D) SFTP server

upvoted 0 times

...

Leonida

24 days ago

C) Network HSM

upvoted 0 times

...

...

Dylan

2 months ago

B. REST API could also be a good option to manage the keys remotely, but Network HSM seems more secure.

upvoted 0 times

Floyd

28 days ago

D) SFTP server

upvoted 0 times

...

Laurene

28 days ago

C) Network HSM

upvoted 0 times

...

Tashia

1 months ago

B) REST API

upvoted 0 times

...

Barney

1 months ago

C) Network HSM

upvoted 0 times

...

Annita

1 months ago

A) SCEP support

upvoted 0 times

...

Glory

1 months ago

B) REST API

upvoted 0 times

...

Kayleigh

2 months ago

A) SCEP support

upvoted 0 times

...

...

Alease

2 months ago

I think the answer is C. Network HSM sounds like the perfect feature to centralize the CA cryptographic keys.

upvoted 0 times

...

Ryann

2 months ago

I'm not sure, but I think A) SCEP support could also be a good choice for this scenario.

upvoted 0 times

...

Brittney

2 months ago

I agree with Trinidad, Network HSM is the best option for storing keys centrally.

upvoted 0 times

...

Trinidad

2 months ago

I think the answer is C) Network HSM because it can securely store cryptographic keys.

upvoted 0 times

...

az-700 pass4success az-104 200-301 200-201 cissp 350-401 350-201 350-501 350-601 350-801 350-901 az-720 az-305 pl-300

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77