Refer to the exhibit, which shows a partial output of the fssod daemon real-time debug command. What two conclusions can you draw from the output? (Choose two.)
A.
Fortinet Single Sign-On (FSSO) is using DC Agent mode to detect logon events.
B.
FortiGate is frequently polling the workstation, in case the user has logged off.
C.
The collector agent cannot verify if the user is still logged in.
D.
FortiGate polled this event through TCP port 8000.
E.
FSSO is using agentless polling mode to detect logon events.
Exact exemple of "Agentless Polling Mode" on Network Security Support Engineer 7.4 Study Guide p 216 -> not agent mode
Agentless polling use port445, not port 8000 (agent mode)
Answers are A & C.
There's no indication of workstation polling, there's no mention of TCP port 8000 in the log and the log indicates a Windows Event ID from a DC.
In agentless polling mode, FortiGate frequently polls all workstations (as a standalone collector agent does) to check which users are still logged in.
To enable agentless polling mode real-time debug use the command:
diagnose debug application fssod -1
Pagina 215,216 Network_Security_Support_Engineer_7.4_Study_Guide
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
d9eeb6d
1 week agoRadicalcactus
1 month agoIBB90704
1 month ago