Which two statements about the EAP-TTLS authentication method are true? (Choose two)

A. Uses mutualauthentication

B. Uses digital certificates only on the server side

C. Requires an EAP server certificate

D. Support a port access control (wired) solution only

What are three key features of FortiAuthenticator? (Choose three)

A. Identity management device

B. Log server

C. Certificate authority

D. Portal services

E. RSSO Server

Which network configuration is required when deploying FortiAuthenticator for portal services?

A. FortiAuthenticator must have the REST API access enable on port1

B. One of the DNS servers must be a FortiGuard DNS server

C. Fortigate must be setup as default gateway for FortiAuthenticator

D. Policies must have specific ports open between FortiAuthenticator and the authentication clients

Which three of the following can be used as SSO sources? (Choose three)

A. FortiClient SSO Mobility Agent

B. SSH Sessions

C. FortiAuthenticator in SAML SP role

D. Fortigate

E. RADIUS accounting

Which two statements about the self-service portal are true? (Choose two)

A. Self-registration information can be sent to the user through email or SMS

B. Realms can be used to configure which seld-registeredusers or groups can authenticate on the network

C. Administrator approval is required for all self-registration

D. Authenticating users must specify domain name along with username

Which two features of FortiAuthenticator are used for EAP deployment? (Choose two)

A. Certificate authority

B. LDAP server

C. MAC authentication bypass

D. RADIUS server

Which interface services must be enabled for the SCEP client to connect to Authenticator?

A. OCSP

B. REST API

C. SSH

D. HTTP/HTTPS

Which method is the most secure way of delivering FortiToken data once the token has been seeded?

A. Online activation of the tokens through the FortiGuard network

B. Shipment of the seed files on a CD using a tamper-evident envelope

C. Using the in-house token provisioning tool

D. Automatic token generation using FortiAuthenticator

Refer to the exhibit.

Examine the screenshot shown in the exhibit.

Which two statements regarding the configuration are true? (Choose two)

A. All guest accounts created using the account registration feature will be placed under the Guest_Portal_Users group

B. All accounts registered through the guest portal must be validated through email

C. Guest users must fill in all the fields on the registration form

D. Guest user account will expire after eight hours

Which statement about the guest portal policies is true?

A. Guest portal policies apply only to authentication requests coming from unknown RADIUS clients

B. Guest portal policies can be used only for BYODs

C. Conditions in the policy apply only to guest wireless users

D. All conditions in the policy must match before a user is presented with the guest portal