NSE 6 – Network Security Specialist — Question 4

You are a FortiAuthenticator administrator for a large organization, and suddenly all of the FortiToken 200 users in the organization are unable to authenticate using their tokens. What is the most probable reason?

Answer options

• A. The FortiAuthenticator system time is not synchronized using NTP and has drifted.
• B. The X.509 certificates on the tokens, or the root CA certificate that signed the certificates, have been revoked.
• C. The clocks on all the tokens have drifted and require re-synchronizing.
• D. The tokens have all been locked.

Correct answer: A, C

Explanation

The correct answer is A because if the FortiAuthenticator's system time is not synchronized, it can lead to authentication failures, as the tokens rely on accurate time for generating valid responses. Option C is also plausible, but the most probable reason given the context is A. Options B and D do not address time synchronization issues, which are critical for token authentication.