• Home
  • Articles
  • NSE6_FAC-6.1 Dumps Updated Jan 15, 2023 Practice Test and 31 unique questions [Q18-Q33]

NSE6_FAC-6.1 Dumps Updated Jan 15, 2023 Practice Test and 31 unique questions [Q18-Q33]

Share

NSE6_FAC-6.1 Dumps Updated Jan 15, 2023 Practice Test and 31 unique questions

2023 Latest 100% Exam Passing Ratio - NSE6_FAC-6.1 Dumps PDF

NEW QUESTION 18
Which option correctly describes an SP-initiated SSO SAML packet flow for a host without a SAML assertion?

  • A. Principal contacts service provider, service provider redirects principal to idendity provider, after succesfull authentication identify provider redirects principal to service provider
  • B. Principal contacts idendity provider and authenticates, identity provider relays principal to service provider after valid authentication
  • C. Service provider contacts idendity provider, idendity provider validates principal for service provider, service provider establishes communication with principal
  • D. Principal contacts idendity provider and is redirected to serviceprovider, principal establishes connection with service provider, service provider validates authentication with identify provider

Answer: A

 

NEW QUESTION 19
How can a SAML metada file be used?

  • A. To import the required IDP configuration
  • B. To correlate the IDP address to its hostname
  • C. To defined a list of trusted user names
  • D. To resolve the IDP realm for authentication

Answer: A

 

NEW QUESTION 20
When you are setting up two FortiAuthenticator devices in active-passive HA, which HA role must you select on the masterFortiAuthenticator?

  • A. Cluster member
  • B. Active-passive master
  • C. Load balancing master
  • D. Standalone master

Answer: A

 

NEW QUESTION 21
Which FSSO discovery method transparently detects logged off users without having to rely on external features such as WMI polling?

  • A. DC Polling
  • B. FortiClient SSO Mobility Agent
  • C. Windows AD polling
  • D. Radius Accounting

Answer: B

 

NEW QUESTION 22
At a minimum, which two configurations are required to enable guest portal services on FortiAuthenticator?
(Choose two)

  • A. Configuring a RADIUS client
  • B. Configuring at least on post-login service
  • C. Configuring a portal policy
  • D. Configuring an external authentication portal

Answer: B,C

 

NEW QUESTION 23
You are the administrator of a large network that includes a large local user datadabase on the current Fortiauthenticatior. You want to import all the local users into a new Fortiauthenticator device.
Which method should you use to migrate the local users?

  • A. Import users fromRADUIS.
  • B. Import the current directory structure.
  • C. Import users using RADIUS accounting updates.
  • D. Import users using a CSV file.

Answer: D

 

NEW QUESTION 24
Which behaviors exist for certificate revocation lists (CRLs) on FortiAuthenticator? (Choose two)

  • A. CRLs can beexported only through the SCEP server
  • B. Revoked certificates are automaticlly placed on the CRL
  • C. All local CAs share the same CRLs
  • D. CRLs contain the serial number of the certificate that has been revoked

Answer: B,D

 

NEW QUESTION 25
Which two statements about the EAP-TTLS authentication method are true? (Choose two)

  • A. Requires an EAP server certificate
  • B. Uses digital certificates only on the server side
  • C. Uses mutualauthentication
  • D. Support a port access control (wired) solution only

Answer: A,B

 

NEW QUESTION 26
Which EAP method is known as the outer authentication method?

  • A. EAP-TLS
  • B. MSCHAPV2
  • C. PEAP
  • D. EAP-GTC

Answer: C

 

NEW QUESTION 27
A device or useridentity cannot be established transparently, such as with non-domain BYOD devices, and allow users to create their own credentialis.
In this case, which user idendity discovery method can Fortiauthenticator use?

  • A. Syslog messaging or SAML IDP
  • B. Radius accounting
  • C. Kerberos-base authentication
  • D. Portal authentication

Answer: D

 

NEW QUESTION 28
Which two protocols are the default management access protocols for administrative access for FortiAuthenticator? (Choose two)

  • A. HTTPS
  • B. SSH
  • C. SNMP
  • D. Telnet

Answer: A,B

 

NEW QUESTION 29
Which statement about the guest portal policies is true?

  • A. Guest portal policies can be used only for BYODs
  • B. Guest portal policies apply only to authentication requests coming from unknown RADIUS clients
  • C. All conditions in the policy must match before a user is presented with the guest portal
  • D. Conditions in the policy apply only to guest wireless users

Answer: C

 

NEW QUESTION 30
......

Verified NSE6_FAC-6.1 dumps Q&As - 100% Pass from PassReview: https://vcetorrent.passreview.com/NSE6_FAC-6.1-exam-questions.html

Related Articles

more
Fortinet NSE6_FAC-6.1 Certification Practice Exam

Copyright © 2026 PassReview NETWORK CO.,LIMITED. All Rights Reserved. All trademarks used are properties of their respective owners. Privacy Policy