Download FCSS-FortiSASE 23 Administrator.FCSS_SASE_AD-23.ExamTopics.2025-05-22.41q.vcex

Vendor: Fortinet
Exam Code: FCSS_SASE_AD-23
Exam Name: FCSS-FortiSASE 23 Administrator
Date: May 22, 2025
File Size: 4 MB
Download Exam

How to open VCEX files?

Files with VCEX extension can be opened by ProfExam Simulator.

Download
ProfExam Simulator

Purchase
Coupon: EXAMFILESCOM

Discount: 20%

ProfExam Simulator ProfExam Simulator ProfExam Simulator ProfExam Simulator ProfExam Simulator
ProfExam Discount

Demo Questions

Question 1
Refer to the exhibit.
The daily report for application usage shows an unusually high number of unknown applications by category.
What are two possible explanations for this? (Choose two.)
  1. Certificate inspection is not being used to scan application traffic.
  2. The inline-CASB application control profile does not have application categories set to Monitor.
  3. Zero trust network access (ZTNA) tags are not being used to tag the correct users.
  4. Deep inspection is not being used to scan traffic.
Correct answer: BD
Question 2
An organization wants to block all video and audio application traffic but grant access to videos from CNN.
Which application override action must you configure in the Application Control with Inline-CASB?
  1. Allow
  2. Pass
  3. Permit
  4. Exempt
Correct answer: A
Question 3
An organization needs to resolve internal hostnames using its internal rather than public DNS servers for remotely connected endpoints.
Which two components must be configured on FortiSASE to achieve this? (Choose two.)
  1. SSL deep inspection
  2. Split DNS rules
  3. Split tunneling destinations
  4. DNS filter
Correct answer: AB
Question 4
Refer to the exhibit.
In the user connection monitor, the FortiSASE administrator notices the user name is showing random characters.
Which configuration change must the administrator make to get proper user information?
  1. Turn off log anonymization on FortiSASE.
  2. Add more endpoint licenses on FortiSASE.
  3. Configure the username using FortiSASE naming convention.
  4. Change the deployment type from SWG to VPN.
Correct answer: A
Question 5
Which FortiSASE feature ensures least-privileged user access to all applications?
  1. secure web gateway (SWG)
  2. SD-WAN
  3. zero trust network access (ZTNA)
  4. thin branch SASE extension
Correct answer: C
Question 6
When you configure FortiSASE Secure Private Access (SPA) with SD-WAN integration, you must establish a routing adjacency between FortiSASE and the FortiGate SD-WAN hub.
Which routing protocol must you use?
  1. BGP
  2. IS-IS
  3. OSPF
  4. EIGRP
Correct answer: A
Question 7
During FortiSASE provisioning, how many security points of presence (POPs) need to be configured by the FortiSASE administrator?
  1. 1
  2. 2
  3. 3
  4. 4
Correct answer: B
Question 8
Which secure internet access (SIA) use case minimizes individual workstation or device setup, because you do not need to install FortiClient on endpoints or configure explicit web proxy settings on web browser-based endpoints?
  1. SIA for inline-CASB users
  2. SIA for agentless remote users
  3. SIA for SSLVPN remote users
  4. SIA for site-based remote users
Correct answer: D
Question 9
A FortiSASE administrator is configuring a Secure Private Access (SPA) solution to share endpoint information with a corporate FortiGate.
Which three configuration actions will achieve this solution? (Choose three.)
  1. Add the FortiGate IP address in the secure private access configuration on FortiSASE.
  2. Use the FortiClient EMS cloud connector on the corporate FortiGate to connect to FortiSASE.
  3. Register FortiGate and FortiSASE under the same FortiCloud account.
  4. Authorize the corporate FortiGate on FortiSASE as a ZTNA access proxy.
  5. Apply the FortiSASE zero trust network access (ZTNA) license on the corporate FortiGate.
Correct answer: BCD
Question 10
Which two deployment methods are used to connect a FortiExtender as a FortiSASE LAN extension? (Choose two.)
  1. Connect FortiExtender to FortiSASE using FortiZTP.
  2. Enable Control and Provisioning Wireless Access Points (CAPWAP) access on the FortiSASE portal.
  3. Enter the FortiSASE domain name in the FortiExtender GUI as a static discovery server.
  4. Configure an IPsec tunnel on FortiSASE to connect to FortiExtender.
Correct answer: AC
Question 11
What are two advantages of using zero-trust tags? (Choose two.)
  1. Zero-trust tags can be used to allow or deny access to network resources.
  2. Zero-trust tags can determine the security posture of an endpoint.
  3. Zero-trust tags can be used to create multiple endpoint profiles which can be applied to different endpoints.
  4. Zero-trust tags can be used to allow secure web gateway (SWG) access.
Correct answer: AB
CONNECT US
HOW TO OPEN VCE FILES

Use VCE Exam Simulator to open VCE files
Avanaset

HOW TO OPEN VCEX AND EXAM FILES

Use ProfExam Simulator to open VCEX and EXAM files
ProfExam Screen

ProfExam
ProfExam at a 20% markdown

You have the opportunity to purchase ProfExam at a 20% reduced price

Get Now!