ExamTopics Logo
Mail Us[email protected]
Menu
Fortinet Discussions
exam questions

Exam NSE4_FGT-6.0 All Questions

View all questions & answers for the NSE4_FGT-6.0 exam
Go to Exam

Exam NSE4_FGT-6.0 topic 1 question 17 discussion

Actual exam question from Fortinet's NSE4_FGT-6.0
Question #: 17
Topic #: 1
[All NSE4_FGT-6.0 Questions]

Which of the following statements describe WMI polling mode for the FSSO collector agent? (Choose two.)

  • A. The NetSessionEnum function is used to track user logoffs.
  • B. WMI polling can increase bandwidth usage in large networks.
  • C. The collector agent uses a Windows API to query DCs for user logins.
  • D. The collector agent do not need to search any security event logs.
Show Suggested Answer Hide Answer
Suggested Answer: BC 🗳️
by topicx at Oct. 1, 2019, 3:37 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
topicx
Highly Voted 5 years, 7 months ago
i think is C&D
upvoted 10 times
t12345
5 years, 3 months ago
I thought agent-based and polling but rely on security event logs from the DC's
upvoted 1 times
...
...
intaqto
Highly Voted 5 years, 2 months ago
C and D. Page 239, Infrastructure 6.0 Study Guide v2
upvoted 8 times
...
rkchandra
Most Recent 3 years, 1 month ago
C&D is correct
upvoted 1 times
...
albato239
3 years, 5 months ago
Selected Answer: CD
Page 265, Infrastructure 6.4 Study Guide
upvoted 1 times
...
meli_ssa
4 years, 4 months ago
las respuestas son C y D, la explicación aqui: https://kb.fortinet.com/kb/documentLink.do?externalID=FD47732
upvoted 2 times
...
Ctnroger
4 years, 4 months ago
B&D. C is a true statment, but is not what they are asking.
upvoted 1 times
...
Edy_Crank
4 years, 7 months ago
C&D is correct answer : This is from Fortinet 6.2 Training: WMl: A Windows API that gets system information from a Windows server. The DC returns all requested logon events. The collector agent is a WMI client and sends WMI queries for user logon events to the DC, which, in this case, is a WMI server. The collector agent doesn't need to search security event logs on the DC for user logon events; instead, the DC returns all requested logon events. This reduces network load between the collector agent and DC.
upvoted 1 times
...
ipam
4 years, 8 months ago
, DC returns all requested logon events via WMI. This also reduces network load between CA and DC. it means WMI decrease bandwidth usage instead of increasing it.... so B is not correct. C & D is
upvoted 1 times
...
carroyoc
4 years, 10 months ago
3) Event log using WMI polling: WMI is a Windows API to get system information from a Windows server, CA is a WMI client and sends WMI queries for user logon events to DC, which in this case is a WMI server. Main advantage in this mode is that CA does not need to search security event logs on DC for user logon events, instead, DC returns all requested logon events via WMI. This also reduces network load between CA and DC. https://kb.fortinet.com/kb/documentLink.do?externalID=FD47732
upvoted 5 times
georgianp
4 years, 9 months ago
+B(This also reduces network load between CA and DC.) In this case, BCD are correct :)
upvoted 1 times
...
...
montonearm
5 years, 1 month ago
should be C and D
upvoted 6 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago