Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Fortinet Exam NSE7_ZTA-7.2 Topic 4 Question 17 Discussion

Actual exam question for Fortinet's NSE7_ZTA-7.2 exam
Question #: 17
Topic #: 4
[All NSE7_ZTA-7.2 Questions]

FortiNAC has alarm mappings configured for MDM compliance failure, and FortiClient EMS is added as a MDM connector When an endpoint is quarantined by FortiClient EMS, what action does FortiNAC perform?

Show Suggested Answer Hide Answer
Suggested Answer: A

In the scenario where FortiNAC has alarm mappings configured for MDM (Mobile Device Management) compliance failure and FortiClient EMS (Endpoint Management System) is integrated as an MDM connector, the typical response when an endpoint is quarantined by FortiClient EMS is to isolate the host in the registration VLAN. This action is consistent with FortiNAC's approach to network access control, focusing on ensuring network security and compliance. By moving the non-compliant or quarantined host to a registration VLAN, FortiNAC effectively segregates it from the rest of the network, mitigating potential risks while allowing for further investigation or remediation steps. Reference: FortiNAC documentation, MDM Compliance and Response Actions.


Contribute your Thoughts:

Josefa
4 months ago
Haha, looks like someone forgot to disable the 'host is disabled' option. That would be a little overkill, don't you think?
upvoted 0 times
Maynard
4 months ago
Maybe forcing authentication again could also work.
upvoted 0 times
...
Laine
4 months ago
I agree, marking it at risk would be more appropriate.
upvoted 0 times
...
Omega
4 months ago
Yeah, disabling the host seems a bit extreme.
upvoted 0 times
...
...
Chun
4 months ago
I'm not sure, but I think B) The host is marked at risk could also be a possibility.
upvoted 0 times
...
Major
4 months ago
I agree with Eleni. The host being marked as at-risk is the expected behavior when FortiClient EMS quarantines the endpoint.
upvoted 0 times
Caitlin
3 months ago
D) The host is disabled
upvoted 0 times
...
Lauryn
4 months ago
C) The host is forced to authenticate again
upvoted 0 times
...
Samira
4 months ago
B) The host is marked at risk
upvoted 0 times
...
Lonna
4 months ago
A) The host is isolated in the registration VLAN
upvoted 0 times
...
...
Eleni
5 months ago
Option B seems to be the correct answer. FortiNAC marks the host as at-risk when it is quarantined by FortiClient EMS.
upvoted 0 times
Tashia
3 months ago
Good to know. FortiNAC's response to a quarantined host by FortiClient EMS is to mark it as at-risk.
upvoted 0 times
...
Lynelle
4 months ago
Yes, that's right. FortiNAC will mark the host as at-risk in that situation.
upvoted 0 times
...
Isaac
4 months ago
I think option B is correct. FortiNAC marks the host as at-risk when quarantined by FortiClient EMS.
upvoted 0 times
...
Carla
4 months ago
It's important for FortiNAC to be able to identify and respond to compliance failures.
upvoted 0 times
...
Alex
4 months ago
That makes sense, FortiNAC needs to take action when an endpoint is quarantined.
upvoted 0 times
...
Terrilyn
4 months ago
I agree, option B is the correct answer. FortiNAC marks the host as at-risk.
upvoted 0 times
...
...
Skye
5 months ago
I disagree, I believe the correct answer is D) The host is disabled.
upvoted 0 times
...
Melynda
5 months ago
I think the answer is A) The host is isolated in the registration VLAN.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77