Amazon
Avaya
Cisco
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL
Juniper
Microsoft
NVIDIA
Okta
Palo Alto Networks
Salesforce
SAP
ServiceNow
All Vendors
  1. Home
  2. Fortinet
  3. NSE5_FNC_AD-7.6

Fortinet NSE5_FNC_AD-7.6 Exam (page: 2)
Fortinet NSE 5 - FortiNAC-F 7.6 Administrator
Updated on: 06-Apr-2026

Viewing Page 2 of 9
NSE5_FNC_AD-7.6 PDF 58 Questions

An administrator has created several device profiling rules and evaluated all existing devices in the database. Some of the devices appear in the profiled devices view because they matched a rule, but they remain unknown and the registration column in the profiled devices view shows "No".

What is the most likely cause?

  1. The confirm device profiling rule option is not enabled.
  2. The devices match more than one device profiling rule.
  3. The device profiling rule has registration set to manual.
  4. The devices have persistent agents installed, and the point of connection has PA optimization enabled.

Answer(s): A

Explanation:

When the confirm device profiling rule option is not enabled, devices that match a profiling rule are identified and appear in the profiled devices view, but they are not automatically promoted from unknown to registered.
As a result, the devices remain in an unknown state and the registration column continues to show "No" despite
a successful rule match.



Where should you configure MAC notification traps on a supported switch?

  1. Only on ports that generate linkup and linkdown traps
  2. Only on ports defined as learned uplinks
  3. On all ports on the switch
  4. On all ports except uplink ports

Answer(s): C

Explanation:

MAC notification traps must be enabled on all ports of a supported switch so FortiNAC-F can receive MAC address learning and movement events regardless of where endpoints connect. This comprehensive coverage ensures accurate device discovery, tracking, and enforcement across the entire switch.



Refer to the exhibit.



What will occur if CA-2 fails?

  1. CA-1 and CA-3 will operate as a 1+1 HA cluster with CA-3 acting as a hot standby.
  2. CA-3 will continue to operate as a secondary in an N+1 HA configuration.
  3. CA-3 will be promoted to a primary and share management responsibilities with CA-1.
  4. CA-3 will be promoted to a primary and FortiNAC-F manager will load balance between CA-1 and CA-3.

Answer(s): D

Explanation:

In an N+1 HA architecture managed by a FortiNAC-F Manager, if a primary CA fails, an available secondary CA is automatically promoted to primary. After CA-2 fails, CA-3 is promoted to a primary role, and the FortiNAC-F Manager load balances management and enforcement responsibilities between the remaining primary CAs, CA-1 and CA-3.



During an evaluation of state-based enforcement, an administrator discovers that ports that should not be under enforcement have been added to enforcement groups.

In which view would the administrator be able to identify who added the ports to the groups?

  1. The Admin Auditing view
  2. The Event Management view
  3. The Port Changes view
  4. The Security Events view

Answer(s): A

Explanation:

The Admin Auditing view records administrative actions performed within FortiNAC-F, including configuration changes such as adding ports to enforcement groups. This view allows administrators to identify which user made the change and when it occurred.



Refer to the exhibit.



An administrator wants to use FortiNAC-F to automatically provision printers throughout their organization.
Each building uses its own local VLAN for printers.

Which FortiNAC-F feature would allow this to be accomplished with a single network access policy?

  1. Dynamic host groups
  2. Logical networks
  3. Device profiling rules
  4. Preferred VLAN designations

Answer(s): B

Explanation:

Logical networks allow FortiNAC-F to map the same device type, such as printers, to different local VLANs based on where the device connects. This enables a single network access policy to dynamically assign printers to the correct building-specific printer VLAN without creating separate policies for each location.



Refer to the exhibit.



If a host is connected to a port in the Building 1 First Floor Ports group, what must also be true to match this user/host profile?

  1. The host must have a role value of contractor, an installed persistent agent of a security access value of contractor, and be connected between 6 AM and 5 PM.
  2. The host must have a role value of contractor or an installed persistent agent, a security access value of contractor, and be connected between 9 AM and 5 PM.
  3. The host must have a role value of contractor or an installed persistent agent or a security access value of contractor, and be connected between 6 AM and 5PM.
  4. The host must have a role value of contractor or an installed persistent agent and a security access value of contractor, and be connected between 6 AM and 5PM.

Answer(s): D

Explanation:

The profile requires the host to satisfy the attribute logic where either the role is contractor or a persistent agent is present, and the security access value must be contractor. In addition, the location condition restricts the match to Building 1 First Floor Ports, and the time condition limits access to the defined business hours of 6:00 AM to 5:00 PM.



Refer to the exhibit.



What will happen to the host of a guest user created from this template if the time of connection is 8:00 PM?

  1. The host will be marked as non-authenticated.
  2. The host will be marked as a rogue device.
  3. The host will be marked as at-risk.
  4. The host will be administratively disabled.

Answer(s): A

Explanation:

The guest template restricts login availability to the defined time window ending at 7:00 PM. If the host attempts to connect at 8:00 PM, authentication is not permitted, so the host remains in a non-authenticated state until it connects within the allowed time period.



Refer to the exhibits.





Based on the given configurations and settings, on which date and time would a guest account created at 8:00 AM on
/12 expire?


  1. /12 at 8:00 PM

  2. /12 at 7:00 PM

  3. /12 at 17:00:00

  4. /13 at 17:00:00

Answer(s): D

Explanation:

The account creation wizard shows the account start date/time as
/12 08:00:00 and the configured account end date/time as
/13 17:00:00. The guest account will therefore expire at the end date/time displayed in the wizard.



Viewing Page 2 of 9



Share your comments for Fortinet NSE5_FNC_AD-7.6 exam with other users:

Andy 12/6/2023 5:56:00 AM

very valid questions
Anonymous


Mamo 8/12/2023 7:46:00 AM

will these question help me to clear pl-300 exam?
UNITED STATES


Marial Manyang 7/26/2023 10:13:00 AM

please provide me with these dumps questions. thanks
Anonymous


Amel Mhamdi 12/16/2022 10:10:00 AM

in the pdf downloaded is write google cloud database engineer i think that it isnt the correct exam
FRANCE


Angel 8/30/2023 10:58:00 PM

i think you have the answers wrong regarding question: "what are three core principles of web content accessibility guidelines (wcag)? answer: robust, operable, understandable
UNITED STATES


SH 5/16/2023 1:43:00 PM

these questions are not valid , they dont come for the exam now
UNITED STATES


sudhagar 9/6/2023 3:02:00 PM

question looks valid
UNITED STATES


Van 11/24/2023 4:02:00 AM

good for practice
Anonymous


Divya 8/2/2023 6:54:00 AM

need more q&a to go ahead
Anonymous


Rakesh 10/6/2023 3:06:00 AM

question 59 - a newly-created role is not assigned to any user, nor granted to any other role. answer is b https://docs.snowflake.com/en/user-guide/security-access-control-overview
Anonymous


Nik 11/10/2023 4:57:00 AM

just passed my exam today. i saw all of these questions in my text today. so i can confirm this is a valid dump.
HONG KONG


Deep 6/12/2023 7:22:00 AM

needed dumps
INDIA


tumz 1/16/2024 10:30:00 AM

very helpful
UNITED STATES


NRI 8/27/2023 10:05:00 AM

will post once the exam is finished
UNITED STATES


kent 11/3/2023 10:45:00 AM

relevant questions
Anonymous


Qasim 6/11/2022 9:43:00 AM

just clear exam on 10/06/2202 dumps is valid all questions are came same in dumps only 2 new questions total 46 questions 1 case study with 5 question no lab/simulation in my exam please check the answers best of luck
Anonymous


Cath 10/10/2023 10:09:00 AM

q.112 - correct answer is c - the event registry is a module that provides event definitions. answer a - not correct as it is the definition of event log
VIET NAM


Shiji 10/15/2023 1:31:00 PM

good and useful.
INDIA


Ade 6/25/2023 1:14:00 PM

good questions
Anonymous


Praveen P 11/8/2023 5:18:00 AM

good content
UNITED STATES


Anastasiia 12/28/2023 9:06:00 AM

totally not correct answers. 21. you have one gcp account running in your default region and zone and another account running in a non-default region and zone. you want to start a new compute engine instance in these two google cloud platform accounts using the command line interface. what should you do? correct: create two configurations using gcloud config configurations create [name]. run gcloud config configurations activate [name] to switch between accounts when running the commands to start the compute engine instances.
Anonymous


Priyanka 7/24/2023 2:26:00 AM

kindly upload the dumps
Anonymous


Nabeel 7/25/2023 4:11:00 PM

still learning
Anonymous


gure 7/26/2023 5:10:00 PM

excellent way to learn
UNITED STATES


ciken 8/24/2023 2:55:00 PM

help so much
Anonymous


Biswa 11/20/2023 9:28:00 AM

understand sql col.
Anonymous


Saint Pierre 10/24/2023 6:21:00 AM

i would give 5 stars to this website as i studied for az-800 exam from here. it has all the relevant material available for preparation. i got 890/1000 on the test.
Anonymous


Rose 7/24/2023 2:16:00 PM

this is nice.
Anonymous


anon 10/15/2023 12:21:00 PM

q55- the ridac workflow can be modified using flow designer, correct answer is d not a
UNITED STATES


NanoTek3 6/13/2022 10:44:00 PM

by far this is the most accurate exam dumps i have ever purchased. all questions are in the exam. i saw almost 90% of the questions word by word.
UNITED STATES


eriy 11/9/2023 5:12:00 AM

i cleared the az-104 exam by scoring 930/1000 on the exam. it was all possible due to this platform as it provides premium quality service. thank you!
UNITED STATES


Muhammad Rawish Siddiqui 12/8/2023 8:12:00 PM

question # 232: accessibility, privacy, and innovation are not data quality dimensions.
SAUDI ARABIA


Venkat 12/27/2023 9:04:00 AM

looks wrong answer for 443 question, please check and update
Anonymous


Varun 10/29/2023 9:11:00 PM

great question
Anonymous