EMT Practice Test

1. Question Content...


Question List

Question1: Refer to the exhibit. A company has a requirement to inspect all the endpoint internet traffic on FortiSASE, and exclude Google Maps traffic from the FortiSASE VPN tunnel and redirect it to the endpoint physical Interface.
Which configuration must you apply to achieve this requirement?

Question2: Refer to the exhibits. A FortiSASE administrator has configured an antivirus profile in the security profile group and applied it to the internet access policy. Remote users are still able to download the eicar.com-zip file from https://eicar.org. Traffic logs show traffic is allowed by the policy.
Which configuration on FortiSASE is allowing users to perform the download?


Question3: In which three ways does FortiSASE help organizations ensure secure access for remote workers? (Choose three.)

Question4: How does FortiSASE hide user information when viewing and analyzing logs?

Question5: Which two deployment methods are used to connect a FortiExtender as a FortiSASE LAN extension? (Choose two.)

Question6: Which FortiSASE feature can you use to see a list of Software-as-a-Service (SaaS) applications and health-check metrics for first-mile connectivity between the geographical points of presence (PoPs) provisioned for your FortiSASE instance and these SaaS applications?

Question7: Which role does FortiSASE play in supporting zero trust network access (ZTNA) principles?

Question8: A customer wants to upgrade their legacy on-premises proxy to a cloud-based proxy for a hybrid network.
Which FortiSASE features would help the customer to achieve this outcome?

Question9: What are two requirements to enable the MSSP feature on FortiSASE? (Choose two.)

Question10: How does integrating endpoint detection and response (EDR) systems into SASE contribute to security posture?

Question11: Which two statements describe a zero trust network access (ZTNA) private access use case?
(Choose two.)

Question12: You are designing a new network for Company X and one of the new cybersecurity policy requirements is that all remote user endpoints must always be connected and protected Which FortiSASE component facilitates this always-on security measure?

Question13: When using Secure Private Access (SPA) and SD-WAN, which protocol is used for spoke-to- spoke connectivity?

Question14: Refer to the exhibit. To allow access, which web filter configuration must you change on FortiSASE?

Question15: Which FortiSASE Secure Private Access (SPA) deployment involves installing FortiClient on remote endpoints?

Question16: Which three ways does FortiSASE provide Secure Private Access (SPA) to corporate, non-web applications? (Choose three.)

Question17: Which two additional components does FortiSASE use for application control to act as an inline- CASB? (Choose two.)

Question18: Which endpoint functionality can you configure using FortiSASE?

Question19: When accessing the FortiSASE portal for the first time, an administrator must select data center locations for which three FortiSASE components? (Choose three.)

Question20: Refer to the exhibits. Win10-Pro and Win7-Pro are endpoints from the same remote location.
Win10-Pro can access the internet though FortiSASE, while Win7-Pro can no longer access the internet.
Given the exhibits, which reason explains the outage on Win7-Pro?

Question21: Refer to the exhibits. A FortiSASE administrator is trying to configure FortiSASE as a spoke to a FortiGate hub. The tunnel is up to the FortiGate hub. However, the administrator is not able to ping the Webserver hosted behind the FortiGate hub.
Based on the output, what is the reason for the ping failures?




Question22: An organization needs to resolve internal hostnames using its internal rather than public DNS servers for remotely connected endpoints. Which two components must be configured on FortiSASE to achieve this? (Choose two.)

Question23: A FortiSASE administrator is configuring a Secure Private Access (SPA) solution to share endpoint information with a corporate FortiGate.
Which three configuration actions will achieve this solution? (Choose three.)

Question24: An organization must block user attempts to log in to non-company resources while using Microsoft Office 365 to prevent users from accessing unapproved cloud resources. Which FortiSASE feature can you implement to achieve this requirement?