Examice

Exam nse7_zta-72 All QuestionsBrowse all questions from this exam

Go to Exam

Question 1

Refer to the exhibit.

Based on the ZTNA logs provided, which statement is true?

The Remote_User ZTNA tag has matched the ZTNA rule.

An authentication scheme is configured.

The external IP for ZTNA server is 10.122.0.139.

Traffic is allowed by firewall policy 1.

Correct Answer: D

The provided logs show that traffic is allowed by policy ID 1, as indicated by 'action="accept"' and 'policyid=1'. Therefore, traffic is being allowed by the specified firewall policy, making this statement true.

Discussion

kinge2Option: B

B is correct as per https://docs.fortinet.com/document/fortigate/7.0.0/new-features/591056/ztna-session-based-form-authentication-7-0-4

jorg_tOption: A

I think it's A. There is no auth scheme, otherwise you would see the "authserver=" field in the log. The field "destip=" is the IP of the real server (backend server) It is a proxy policy, not a firewall policy.

amarsulistioOption: A

Based on the ZTNA logs provided, the true statement is: A) The Remote_user ZTNA tag has matched the ZTNA rule: The log includes a user tag 'ztna_user' and a policy name 'External_Access_FAZ', which suggests that the ZTNA tag for 'Remote_User' has successfully matched the ZTNA rule defined in the policy to allow access. The other options are not supported by the information in the log

Osirisdt89Option: C

D is incorrect, the logs show a proxy policy not a firewall policy. Correct Answer C

Thusi26Option: B

Correct answer is B. There is no "clientdevicetags=" to see in the logs.

SolankimssOption: D

D is correct A Incorrect as there is no tag info in output C -Its destination server IP not extn IP

kfaebuOption: B

I think its B