Refer to the exhibit.

What would happen if the highlighted port with connected hosts was placed in both the Forced Registration and Forced Remediation port groups?

1. A. Multiple enforcement groups could not contain the same port.
2. B. Only the higher ranked enforcement group would be applied.
3. C. Both types of enforcement would be applied.
4. D. Enforcement would be applied only to rogue hosts.

Correct Answer: B
In systems like FortiNAC, when a port is designated to be in multiple enforcement groups, it is common for only the higher-priority or higher-ranked group's policies to be applied. This is to prevent conflicting enforcement actions from being attempted on the same port. Although the specific details of the priority or ranking system are not provided in the extracted references, the principle of hierarchical policy enforcement suggests that only the policies of the higher-ranked group would be applied to the port.
References
✑ FortiNAC documentation would typically outline this behavior in sections discussing port group enforcement or policy application.

Which three capabilities does FortiNAC Control Manager provide? (Choose three.)

1. A. Global visibility
2. B. Global authentication security policies
3. C. Global infrastructure device inventory
4. D. Global version control
5. E. Pooled licenses

Correct Answer: ADE

What causes a host's state to change to "at risk"?

1. A. The host has failed an endpoint compliance policy or admin scan.
2. B. The logged on user is not found in the Active Directory.
3. C. The host has been administratively disabled.
4. D. The host is not in the Registered Hosts group.

Correct Answer: A
Failure – Indicates that the host has failed the scan. This option can also be set manually. When the status is set to Failure the host is marked "At Risk" for the selected scan.
Reference: https://docs.fortinet.com/document/fortinac/8.3.0/administration-guide/241168/host-health-and-scanning
p. 244 of the Study Guide, "A state of at-risk indicates the host has failed a scan. This could be a compliance scan or an administrative scan."

Which two things must be done to allow FortiNAC to process incoming syslog messages from an unknown vendor? (Choose two.)

1. A. A security event parser must be created for the device.
2. B. The device sending the messages must be modeled in the Network Inventory view.
3. C. The device must be added as a patch management server.
4. D. The device must be added as a log receiver.

Correct Answer: AB
To allow FortiNAC to process incoming syslog messages from an unknown vendor, two steps must be taken:
✑ Creation of a customized event parser: This enables FortiNAC to parse and integrate syslog messages from any vendor or device, as long as the messages are in CSV, CEF, or Tag/Value format.
✑ Modeling the device in the Topology view: Any device that sends syslog messages to FortiNAC must be modeled in this view. FortiNAC will not process syslog or trap messages unless the source address belongs to a device modeled in the topology.
References
✑ FortiNAC 7.2 Study Guide, pages 428 and 399

Refer to the exhibit.

When a contractor account is created using this template, what value will be set in the accounts Rote field?

1. A. Accounting Contractor
2. B. Eng-Contractor
3. C. Engineer-Contractor
4. D. Conti actor

Correct Answer: C