Latest [Sep 30, 2021] NSE6_FWF-6.4 Exam with Accurate Fortinet NSE 6 - Secure Wireless LAN 6.4 PDF Questions
Take a Leap Forward in Your Career by Earning Fortinet 30 Questions
NEW QUESTION 13
Six APs are located in a remotely based branch office and are managed by a centrally hosted FortiGate. Multiple wireless users frequently connect and roam between the APs in the remote office.
The network they connect to, is secured with WPA2-PSK. As currently configured, the WAN connection between the branch office and the centrally hosted FortiGate is unreliable.
Which configuration would enable the most reliable wireless connectivity for the remote clients?
- A. Configure a tunnel mode wireless network and enable split tunneling to the local network
- B. Configure a bridge mode wireless network and enable the Local standalone configuration option
- C. Configure a bridge mode wireless network and enable the Local authentication configuration option
- D. Install supported FortiAP and configure a bridge mode wireless network
Answer: A
NEW QUESTION 14
Which two statements about distributed automatic radio resource provisioning (DARRP) are correct? (Choose two.)
- A. DARRP performs continuous spectrum analysis to detect sources of interference. It uses this information to allow the AP to select the optimum channel.
- B. DARRP performs measurements of the number of BSSIDs and their signal strength (RSSI). The controller then uses this information to select the optimum channel for the AP.
- C. DARRP measurements can be scheduled to occur at specific times.
- D. DARRP requires that wireless intrusion detection (WIDS) be enabled to detect neighboring devices.
Answer: A,D
Explanation:
DARRP (Distributed Automatic Radio Resource Provisioning) technology ensures the wireless infrastructure is always optimized to deliver maximum performance. Fortinet APs enabled with this advanced feature continuously monitor the RF environment for interference, noise and signals from neighboring APs, enabling the FortiGate WLAN Controller to determine the optimal RF power levels for each AP on the network. When a new AP is provisioned, DARRP also ensures that it chooses the optimal channel, without administrator intervention.
NEW QUESTION 15
Refer to the exhibits.
Exhibit A
Exhibit B
Exhibit C
A wireless network has been installed in a small office building and is being used by a business to connect its wireless clients. The network is used for multiple purposes, including corporate access, guest access, and connecting point-of-sale and IoT devices.
Users connecting to the guest network located in the reception area are reporting slow performance. The network administrator is reviewing the information shown in the exhibits as part of the ongoing investigation of the problem. They show the profile used for the AP and the controller RF analysis output together with a screenshot of the GUI showing a summary of the AP and its neighboring APs.
To improve performance for the users connecting to the guest network in this area, which configuration change is most likely to improve performance?
- A. Enable frequency handoff on the AP to band steer clients
- B. Reduce the number of wireless networks being broadcast by the AP
- C. Install another AP in the reception area to improve available bandwidth
- D. Increase the transmission power of the AP radios
Answer: D
NEW QUESTION 16
When configuring a wireless network for dynamic VLAN allocation, which three IETF attributes must be supplied by the radius server? (Choose three.)
- A. 65 Tunnel-Medium-Type
- B. 83 Tunnel-Preference
- C. 64 Tunnel-Type
- D. 81 Tunnel-Private-Group-ID
- E. 58 Egress-VLAN-Name
Answer: A,C,D
Explanation:
The RADIUS user attributes used for the VLAN ID assignment are:
IETF 64 (Tunnel Type)-Set this to VLAN.
IETF 65 (Tunnel Medium Type)-Set this to 802
IETF 81 (Tunnel Private Group ID)-Set this to VLAN ID.
NEW QUESTION 17
Which factor is the best indicator of wireless client connection quality?
- A. The channel utilization of the channel the client is using
- B. The receive signal strength (RSS) of the client at the AP
- C. Upstream link rate, the connection rate for the client to the AP
- D. Downstream link rate, the connection rate for the AP to the client
Answer: B
Explanation:
SSI, or "Received Signal Strength Indicator," is a measurement of how well your device can hear a signal from an access point or router. It's a value that is useful for determining if you have enough signal to get a good wireless connection.
NEW QUESTION 18
Which administrative access method must be enabled on a FortiGate interface to allow APs to connect and function?
- A. Security Fabric
- B. HTTPS
- C. SSH
- D. FortiTelemetry
Answer: A
NEW QUESTION 19
Which two roles does FortiPresence analytics assist in generating presence reports? (Choose two.)
- A. Reporting potential threats by guests on site
- B. Predicting the number of guest users visiting on-site
- C. Gathering details about on site visitors
- D. Comparing current data with historical records
Answer: B,C
NEW QUESTION 20
When configuring Auto TX Power control on an AP radio, which two statements best describe how the radio responds? (Choose two.)
- A. When the AP detects PF Interference from an unknown source such as a cordless phone with a signal stronger that -70 dBm, it will increase its transmission power until it reaches the maximum configured TX power limit.
- B. When the AP detects any wireless client signal weaker than -70 dBm, it will reduce its transmission power until it reaches the maximum configured TX power limit.
- C. When the AP detects any interference from a trusted neighboring AP stronger that -70 dBm, it will reduce its transmission power until it reaches the minimum configured TX power limit.
- D. When the AP detects any other wireless signal stronger that -70 dBm, it will reduce its transmission power until it reaches the minimum configured TX power limit.
Answer: B,D
NEW QUESTION 21
Part of the location service registration process is to link FortiAPs in FortiPresence.
Which two management services can configure the discovered AP registration information from the FortiPresence cloud? (Choose two.)
- A. AP Manager
- B. FortiAP Cloud
- C. FortiGate
- D. FortiSwitch
Answer: B,C
Explanation:
FortiGate, FortiCloud wireless access points (send visitor data in the form of station reports directly to FortiPresence)
NEW QUESTION 22
When enabling security fabric on the FortiGate interface to manage FortiAPs, which two types of communication channels are established between FortiGate and FortiAPs? (Choose two.)
- A. Control channels
- B. Security channels
- C. FortLink channels
- D. Data channels
Answer: A,D
Explanation:
The control channel for managing traffic, which is always encrypted by DTLS. l The data channel for carrying client data packets.
NEW QUESTION 23
A tunnel mode wireless network is configured on a FortiGate wireless controller.
Which task must be completed before the wireless network can be used?
- A. The wireless network interface must be assigned a Layer 3 address
- B. The wireless network to Internet firewall policy must be configured
- C. Security Fabric and HTTPS must be enabled on the wireless network interface
- D. The new network must be manually assigned to a FortiAP profile.
Answer: B
Explanation:
A FortiGate unit is an industry leading enterprise firewall. In addition to consolidating all the functions of a network firewall, IPS, anti-malware, VPN, WAN optimization, Web filtering, and application control in a single platform, FortiGate also has an integrated Wi-Fi controller.
NEW QUESTION 24
What is the first discovery method used by FortiAP to locate the FortiGate wireless controller in the default configuration?
- A. Broadcast
- B. Static
- C. DHCP
- D. Multicast
Answer: C
NEW QUESTION 25
......
Authentic Best resources for NSE6_FWF-6.4 Online Practice Exam: https://www.testsimulate.com/NSE6_FWF-6.4-study-materials.html