ExamTopics Logo
Mail Us[email protected]
Menu
Fortinet Discussions
exam questions

Exam NSE7_OTS-6.4 All Questions

View all questions & answers for the NSE7_OTS-6.4 exam
Go to Exam

Exam NSE7_OTS-6.4 topic 1 question 13 discussion

Actual exam question from Fortinet's NSE7_OTS-6.4
Question #: 13
Topic #: 1
[All NSE7_OTS-6.4 Questions]

An OT supervisor has configured LDAP and FSSO for the authentication. The goal is that all the users be authenticated against passive authentication first and, if passive authentication is not successful, then users should be challenged with active authentication.
What should the OT supervisor do to achieve this on FortiGate?

  • A. Configure a firewall policy with LDAP users and place it on the top of list of firewall policies.
  • B. Enable two-factor authentication with FSSO.
  • C. Configure a firewall policy with FSSO users and place it on the top of list of firewall policies.
  • D. Under config user settings configure set auth-on-demand implicit.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by bigbug at Sept. 23, 2022, 2:55 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
GCISystemIntegrator
1 month ago
Selected Answer: D
only with the command in D option permit to have passive and active auth. with FSSO no user prompt regardless order of any firewall policy.
upvoted 1 times
...
azjlmpang
8 months, 3 weeks ago
Selected Answer: C
C. Configure a firewall policy with FSSO users and place it on the top of list of firewall policies.
upvoted 1 times
...
John1216
10 months, 2 weeks ago
D. Under config user settings configure set auth-on-demand implicit.
upvoted 1 times
...
ollo79
1 year ago
C, auth-on-demand implicit is default
upvoted 2 times
...
ali_red
1 year, 2 months ago
Selected Answer: C
C for sure
upvoted 1 times
...
Spippolo
1 year, 4 months ago
Selected Answer: C
C. When you enable authentication, all the systems will have to authenticated before traffic is placed on egress interface. Alternatively, on the CLI only, you can change the auth-on-demand option to always.
upvoted 1 times
...
cciesam
1 year, 5 months ago
Selected Answer: C
Ans: C
upvoted 1 times
...
Net_Sec2
1 year, 6 months ago
Selected Answer: D
Explanation/Reference: studyguide_page88
upvoted 2 times
...
bigbug
1 year, 9 months ago
C Explanation/Reference: studyguide_page88
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago