FSSO, allowing all FortiGate devices

单选题

FSSO, allowing all FortiGate devices to receive user authentication updates.

After configuring FortiAuthenticator to receive RADIUS accounting messages, users can authenticate,but FortiGate does not enforce the correct policies based on user groups. Upon investigation, theadministrator discovers that FortiAuthenticator is receiving RADIUS accounting messages from theRADIUS server and successfully queries LDAP for user group information. But, FSsO updates are notbeing sent to FortiGate devices and FortiGate firewall policies based on FSSO user groups are notbeing applied.

What is the most likely reason FortiGate is not receiving FSSO updates?

A、

The RADIUS Username and Client IPv4 attributes are not defined on FortiAuthenticator.

B、

The LDAP server is not configured to retrieve group memberships for RSsO users.

C、

FortiAuthenticator is missing the FSSO user group attribute in the configuration.

D、

The FortiAuthenticator interface is not enabled to receive RADIUS accounting messages.

查看答案

下载APP答题

由4l***9a提供分享举报纠错

相关试题

单选题 In a FortiNAC deployment, what does the term "dissolvable agent" refer to?

A、 A cloud-based identity system

B、 A configuration template

C、 A temporary agent downloaded for posture checks

D、 An endpoint license

查看答案

单选题 You're configuring FortiAuthenticator to authenticate users via LDAP. Which syntax correctly defines the LDAP query filter to retrieve usersfrom a specific OU named "Engineering"?

A、

(cn=Engineering)

B、 (ou=Engineering)

C、

objectClass=person)(ou=Engineering)

D、

(OU=Engineering,DC=example,DC=com)

查看答案

单选题 How does FortiAnalyzer contribute to device quarantine actions in a Fortinet Security Fabric?

A、 Provides automatic endpoint disconnection

B、 Reboots affected FortiSwitch ports

C、 Triggers FortiAIOps remediation

D、 Sends log-based event triggers to FortiGate

查看答案

单选题 In addition to requiring a FortiAnalyzer device to configure the Security Fabric, which license must be added to FortiAnalyzer to use Indicators of Compromise (IOC) rules?

A、 IoT Security Add-on license

B、 IOC Subscription license

C、 IOC detection is included on FAZ-Basic license

D、 Threat Detection Service license

查看答案

单选题 You are troubleshooting a Syslog-based single sign-on (SSO) issue on FortiAuthenticator, where user authentication is not being correctly mapped from the syslog messages. You need a tool to diagnose the issue and understand the logs to resolve it quickly. Which tool in FortiAuthenticator can you use to troubleshoot and diagnose a Syslog SSO issue?

A、 Debug logs > Remote Servers > Syslog Viewer

B、 Parsing Test Tool

C、 Debug logs > SSO Sessions page

D、 Debug logs > Single Sign-On > Syslog SSO

查看答案

单选题 You are preparing FortiManager for ZTP. Which CLI command enables provisioning mode?

A、 set allow-register enable

B、 set ztp enable

C、 config system provisioning

D、 set central-mgmt enable

查看答案

单选题 What is the default RSSO attribute FortiAuthenticator uses to group users?