ExamTopics Logo
Mail Us[email protected]
Menu
Fortinet Discussions
exam questions

Exam NSE7_LED-7.0 All Questions

View all questions & answers for the NSE7_LED-7.0 exam
Go to Exam

Exam NSE7_LED-7.0 topic 1 question 35 discussion

Actual exam question from Fortinet's NSE7_LED-7.0
Question #: 35
Topic #: 1
[All NSE7_LED-7.0 Questions]

Refer to the exhibit showing certificate values.

Wireless guest users are unable to authenticate because they are getting a certificate error while loading the captive portal login page. This URL string is the HTTPS POST URL guest wireless users see when attempting to access the network using the web browser: https://fac.trainingad.training.com/guests/login/? login&post=https://auth.trainingad.training.lab:1003/fgtauth&magic=000a038293d1f411&usermac=b8:27:eb:d8:50:02&apmac=70:4c:a5:9d:0d:28&apip=10.10.100.2&userip=10.0.3.1&ssid=Guest03&apname=PS221ETF18000148&bssid=70:4c:a5:9d:0d:30
Which two settings are the likely causes of the issue? (Choose two.)

  • A. The external server FQDN is incorrect.
  • B. The wireless user’s browser is missing a CA certificate.
  • C. The FortiGate authentication interface address is using HTTPS.
  • D. The user address is not in DDNS form.
Show Suggested Answer Hide Answer
Suggested Answer: AB 🗳️
by Artbrut at March 24, 2024, 5:29 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Artbrut
3 months, 2 weeks ago
Selected Answer: AB
Another hint is p 69 study guide which indicates B could be right
upvoted 1 times
Artbrut
3 months, 1 week ago
Page 369 study guide
upvoted 1 times
...
BBell29128
1 month, 1 week ago
The notation of this being guest would make me automatically assume they don't have the internal CA root and/or intermediate certs in their trusted cert stores.
upvoted 1 times
...
...
Artbrut
3 months, 2 weeks ago
Selected Answer: AC
Okay, have to revert, p 473 is not relevant. A is right because the first part of URL (external captive portal address) is not the same in the certificate B is wrong as a CA certificate would not help, the domains are completely different. C could be right because the captive portal is doing https D is wrong, because the captive portal needs a dns entry, not the user address
upvoted 1 times
...
Artbrut
3 months, 2 weeks ago
Selected Answer: AB
Would assume A and B as per study guide p. 473
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago