Question 1

Which two statements about asymmetric cryptography are true? (Choose two.)

APrivate keys are distributed in the server's digital certificates

BIt distributes key pairs to both the client and the server

CThe public key can be openly distributed

DIt uses a mathematically linked public and private key pair

Answer : C, D

In asymmetric cryptography, the public key can be openly shared without compromising security.

It relies on a mathematically linked public and private key pair, where one key encrypts and the other decrypts.

Question 2

Refer to the exhibit.

Examine the RADIUS policy configuration shown in the exhibit. A user attempts to authenticate by entering the username jdoe@example.com and their password.

Which realm will the user be authenticated against?

ACorp-2, but only if the user has a local account

BCorporate

CLocal

DLocal, but only if the account is a member of the FWAdmins group

Answer : B

Since the username includes the realm @example.com but does not match any configured realm exactly, and the option Use default realm when user-provided realm is different from all configured realms is enabled, the default realm is used - in this case, corporate.

Question 3

At a minimum, which two configurations are required to enable captive portal services on FortiAuthenticator? (Choose two.)

AConfiguring at least one pre-login service

BConfiguring a portal policy

CConfiguring an external authentication portal

DConfiguring a RADIUS client

Answer : A, B

A pre-login service must be configured to define how users can access the portal before authentication.

A portal policy is required to determine authentication rules and behavior for captive portal access.

Question 4

Why would you configure an OCSP responder URL in an end-entity certificate?

ATo identify the end point that a certificate has been assigned to

BTo designate a server for certificate status checking

CTo provide the CRL location for the certificate

DTo designate the SCEP server to use for CRL updates for that certificate

Answer : B

Configuring an OCSP responder URL in an end-entity certificate designates the server that will be queried to check the real-time revocation status of the certificate.

Question 5

When creating an administrative user, what capabilities does the Web service access option provide?

AAccess to the administrative GUI from outside the local subnet

BManagement of enabled web services on the FortiAuthenticator interface

CAccess to web services using the REST API

DProvides management access for all portal service configurations

Answer : C

The Web service access option grants the administrative user permission to access FortiAuthenticator's web services via the REST API, enabling programmatic management and automation.

Free Practice Questions for Fortinet FCP_FAC_AD-6.5 Exam

Question 1

Question 2

Question 3

Question 4

Question 5