Fortinet NSE7_SAC-6.2 dumps - 100% Pass Guarantee!

A wireless network in a school provides guest access using a captive portal to allow unregistered users to self-register and access the network. The administrator is requested to update the existing configuration to provide captive portal authentication through a secure connection (HTTPS) to protect and encrypt guest user credentials after they receive the login information when registered for the first time.

Which two changes must the administrator make to enforce HTTPS authentication? (Choose two.)

A. Provide instructions to users to use HTTPS to access the network.

B. Create a new SSID with the HTTPS captive portal URL.

C. Enable Redirect HTTP Challenge to a Secure Channel (HTTPS) in the user authentication settings

D. Update the captive portal URL to use HTTPS on FortiGate and FortiAuthenticator

An administrator is deploying APs that are connecting over an IPsec network. All APs have been configured to connect to FortiGate manually. FortiGate can discover the APs and authorize them. However, FortiGate is unable to establish CAPWAP tunnels to manage the APs.

Which configuration setting can the administrator perform to resolve the problem?

A. Decrease the CAPWAP tunnel MTU size for APs to prevent fragmentation.

B. Enable CAPWAP administrative access on the IPsec interface.

C. Upgrade the FortiAP firmware image to ensure compatibility with the FortiOS version.

D. Assign a custom AP profile for the remote APs with the set mpls-connectionoption enabled.

Which statement correctly describes the quest portal behavior on FortiAuthenticator?

A. Sponsored accounts cannot authenticate using guest portals.

B. FortiAuthenticator uses POST parameters and a RADIUS client configuration to map the request to a guest portal for authentication.

C. All guest accounts must be activated using SMS or email activation codes.

D. All self-registered and sponsored accounts are listed on the local Users GUI page on FortiAuthenticator.

Refer to the exhibit.

Examine the packet capture shown in the exhibit, which contains a RADIUS access request packet sent by FortiSwitch to a RADIUS server.

Why does the User-Name field in the RADIUS access request packet contain a MAC address?

A. The FortiSwitch interface is configured for 802.1X port authentication with MAC address bypass, and the connected device does not support 802.1X.

B. FortiSwitch authenticates itself using its MAC address as the user name.

C. The connected device is doing machine authentication.

D. FortiSwitch is replying to an access challenge packet sent by the RADIUS server and requesting the client MAC address.

An administrator has deployed dual band-capable wireless APs in a wireless network. Multiple 2.4 GHz wireless clients are connecting to the network, and subsequent monitoring shows that individual AP

2.4GHz interfaces are being overloaded with wireless connections. Which configuration change would best resolve the overloading issue?

A. Configure load balancing AP handoff on both the AP interfaces on all APs.

B. Configure load balancing AP handoff on only the 2.4GHz interfaces of all Aps.

C. Configure load balancing frequency handoff on both the AP interfaces.

D. Configure a client limit on the all AP 2.4GHz interfaces.