23 Questions
Where can access control be implemented if using a FortiGate device within the zone?
At the zone, floor, or plant level
What needs to be placed and secured behind a firewall when using FortiAuthenticator as a remote authentication server?
FortiAuthenticator and any other authentication servers for O.T
In the Purdue model, where can the authentication servers be implemented under the protection of the Edge-FortiGate?
FortiAuthenticator
What can be used for remote users for VPN authentication on the Edge-FortiGate?
Two-factor authentication
What is recommended in most cases regarding the use of a separate authentication server from O.T?
Using a separate authentication server from O.T
What can FortiGate be configured for if using remote authentication within the zone?
Remote authentication and access control
What can be restricted by using FortiGate within the zone, floor, or plant?
Traffic for critical assets
What can be used in the policy to implement access control in the whole O.T network?
FSSO
What can FortiAuthenticator be used as for the entire O.T network if placed under the protection of the Edge-FortiGate?
Remote authentication server
What is recommended when using FortiAuthenticator and any other authentication servers for O.T?
Securing them behind a firewall
What is used for the entire O.T network if using FSSO in the policy to implement access control?
FSSO
What are the authentication methods configured in FortiAuthenticator?
FSSO, RADIUS, two-factor authentication with tokens, and L-DAP tree
What type of authentication is configured on Edge-FortiGate?
VPN with two-factor authentication
What does FortiNAC provide in an O.T environment?
Visibility and control
What does FortiNAC enable in terms of network access?
Granular device identification enables thinly sliced networks
What is the purpose of network micro-segmentation in FortiNAC?
Devices have only the access they require
What is the second part (after visibility) to securing a network environment according to the text?
Controlling network access
What is the purpose of creating granular policies in network access control?
To assign each endpoint exactly the access it needs to perform its job
What is the benefit of knowing and trusting each endpoint in a network environment?
Creating granular policies for access control
What is the role of FortiToken in the network environment?
Shared and used by multiple firewalls, not limited to one firewall or an H-A pair
What type of access is granted to endpoints in the network environment?
Access is granted only to endpoints that are designated as trusted and secure
What can be dynamically adjusted in the network environment according to the text?
Network access based on changes at the device level
What is the function of network access policies in the network environment?
To assign each endpoint exactly the access it needs to perform its job
Test your knowledge of access control device placement with this quiz. Learn about the decision-making process for positioning FortiGate, FortiAuthenticator, and authentication servers within Control Area Zones. Explore the implementation of access control with FortiGate devices and remote authentication.
Make Your Own Quizzes and Flashcards
Convert your notes into interactive study material.
Get started for free