FortiNAC has alarm mappings configured for MDM compliance failure, and FortiClient EMS is added as an MDM connector. When an endpoint is quarantined by FortiClient EMS, what action does FortiNAC perform?
B is correct. Page 155.
FortiClient is the persistent agent on the endpoint since the MDM is FortiClient EMS. Endpoint failed the scan. So, FortiNAC Will take actions "On Failure".
If you look at the image in page 155, inside the red square, under "Do not Register. Remediate" it says "Note: Persisten Agent Will always register and mark at risk". So, B is correct: The host is marked at risk.
B is correct.
Registration vlan is used to isolate unregistered rogue devices. This endpoint has failed endpoint complinace and is already quarantined.
Study guide page 85:
Remediation VLAN is used to quarantine devices that failed endpoint compliance.
The host is isolated in the registration VLAN.
This action allows for a balanced approach to maintaining network security while providing an opportunity for the quarantined device to be brought into compliance without immediate and complete network access denial.
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
lucient
9 months, 3 weeks agokinge2
1 year agoFikachew
1 year, 1 month agolil_pc1972
1 year, 2 months ago