nse4_fgt-72 Exam QuestionsBrowse all questions from this exam
Go to Exam

nse4_fgt-72 Exam - Question 103

Refer to the exhibits.

The exhibits contain a network interface configuration, firewall policies, and a CLI console configuration.

How will the FortiGate device handle user authentication for traffic that arrives on the LAN interface?

Show Answer
Correct Answer: A

The configuration on the FortiGate device as shown in the exhibits indicates that user authentication is required at the interface level (LAN interface). This is enforced through a captive portal that requires users to authenticate. The authentication is restricted to the HR group, which means only users from this group can authenticate successfully. As a result, all users attempting to access the network through the LAN interface will be prompted for authentication, but only those in the HR group will have their credentials accepted.

Discussion

8 comments
Sign in to comment
Halmonte0780Option: A
Jul 24, 2023

Answer is A FortiGate_Security_7.2 page 166 Captive portal will not allow traffic without valid authentication. It happen at interface level, before firewall policy configure on Fortigate: - captive portal authentication required - Authentication failed message for Sales users - Authentication success for HR users - second policy used by HR users Interface LAN (port3) is configured to authenticate and only allow HR to access. " All users will be prompted for authentication, users from the HR group can authenticate successfully with the correct credentials

raydel92Option: A
Sep 14, 2023

A. All users will be prompted for authentication; users from the HR group can authenticate successfully with the correct credentials. FortiGate Security 7.2 Study Guide (p.166): "If you want to have all users connect to a specific interface, then it is better to enable captive portal authentication at the interface level. This way, all devices must authenticate before they are allowed to access any resources." Reference and download study guide: https://ebin.pub/fortinet-fortigate-security-study-guide-for-fortios-72.html

TakumiOption: A
Jul 18, 2023

The answer is A

azmiitOption: A
Aug 13, 2023

answer is A

rian00z_Option: B
Jul 21, 2023

The answer is B

Sreput33Option: B
Aug 13, 2023

The answer B is definitely

laberitcanariasOption: A
Sep 14, 2023

Answer is A Not B: "Alternatively, only on the CLI, you can change the auth-on-demand option to always. This instructs FortiGate to trigger an authentication request, if there is a firewall policy with active authentication enabled. In this case, the traffic is allowed until authentication is successful."

AMK2ENGOption: A
Dec 22, 2023

A. All users will be prompted for authentication; users from the HR group can authenticate successfully with the correct credentials.