Question 6 of 30

When configuring a wireless network for dynamic VLAN allocation, which three IETF attributes must be supplied by the radius server? (Choose three.)

    Correct Answer: ABE

    When configuring a wireless network for dynamic VLAN allocation, the three IETF attributes that must be supplied by the RADIUS server are: Tunnel-Private-Group-ID (81), Tunnel-Medium-Type (65), and Tunnel-Type (64). Tunnel-Private-Group-ID (81) is used to specify the VLAN ID. Tunnel-Medium-Type (65) indicates the type of medium used, which should be set to 802. Tunnel-Type (64) specifies the type of tunnel, which should be set to VLAN. These attributes together ensure the correct VLAN configuration for dynamic allocation.

Question 7 of 30

Which two phases are part of the process to plan a wireless design project? (Choose two.)

    Correct Answer: AC

    When planning a wireless design project, the Project information phase and the Site survey phase are crucial. The Project information phase involves gathering all necessary details about the project requirements, client needs, and environmental constraints. The Site survey phase is essential to assess the physical location, signal strengths, and potential interference, which helps in designing an efficient wireless network. These two phases provide the foundational elements required for a successful wireless design project.

Question 8 of 30

When enabling security fabric on the FortiGate interface to manage FortiAPs, which two types of communication channels are established between FortiGate and

FortiAPs? (Choose two.)

    Correct Answer: AD

    When enabling security fabric on the FortiGate interface to manage FortiAPs, two types of communication channels are established. The control channel is used for managing traffic, and it is always encrypted by DTLS to ensure secure communication and command execution. The data channel is used for carrying client data packets, which is essential for transferring network traffic from clients connected to the FortiAPs.

Question 9 of 30

Part of the location service registration process is to link FortiAPs in FortiPresence.

Which two management services can configure the discovered AP registration information from the FortiPresence cloud? (Choose two.)

    Correct Answer: BD

    The two management services that can configure the discovered AP registration information from the FortiPresence cloud are FortiAP Cloud and FortiGate. FortiAP Cloud manages the APs directly in the cloud, providing the necessary configuration capabilities. FortiGate also has the capability to manage FortiAPs, allowing integration with FortiPresence for advanced location services. FortiSwitch is not involved in the direct management of FortiAPs in this context, and AP Manager is not a valid management service for this purpose.

Question 10 of 30

Which two configurations are compatible for Wireless Single Sign-On (WSSO)? (Choose two.)

    Correct Answer: BD

    Wireless Single Sign-On (WSSO) is most compatible with Virtual Access Points (VAPs) configured for enterprise-level security protocols and authentication systems that support user group memberships, such as WPA2 or WPA3 Enterprise and RADIUS servers. WPA2 or WPA3 Enterprise provides a strong security framework suitable for enterprise environments, while the RADIUS server ensures that user credentials are managed centrally, enabling single sign-on capabilities. This configuration allows for a streamlined authentication process and integration with existing enterprise user directories.