Exam FCP_FCT_AD-7.2 topic 1 question 6 discussion

A. ZTNA full mode

Keywords here are Remote Access. D is for on-prem/on-net access. Remote access is full ztna, so the correct answer would be A.

Correct Answer (D) ZTNA IP/MAC filtering mode Page 165 FortiGate Infrastructure 7.2 Study Guide ZTNA has two modes: • ZTNA access proxy allows users to securely access resources through an SSL-encrypted access proxy. This simplifies remote access by eliminating the use of VPNs. • IP/MAC filtering uses ZTNA tags to provide an additional factor for identification, and a security posture check to implement role-based zero-trust access. IP/MAC-based access control enhances security when endpoints are physically located on the corporate network, whereas ZTNA access proxy focuses on access for remote users. IP/MAC-based access control combines IP/MAC with ZTNA tags for identification and security posture check to implement role-based zero-trust access. Firewall policies are configured that use ZTNA tags to control access between on-net devices and an internal webserver. This mode does not require the use of the access proxy, and only uses ZTNA tags for access control

ZTNA (Zero Trust Network Access) IP/MAC filtering mode simplifies remote access by verifying users based on their device's IP address or MAC address, eliminating the need for user credentials. This method is ideal when administrators want seamless access control for trusted devices while maintaining security.

ZTNA (Zero Trust Network Access) IP/MAC Filtering Mode is an access control method that grants or denies access to a network or service based on the IP address or MAC address of the device attempting to connect, rather than relying on user credentials.