NSE 7 – LAN Edge 7.0 — Question 20

What is the purpose of enabling Windows Active Directory Domain Authentication on FortiAuthenticator?

Answer options

• A. It enables FortiAuthenticator to use Windows administrator credentials to perform an LDAP lookup for a user search.
• B. It enables FortiAuthenticator to use a Windows CA certificate when authenticating RADIUS users.
• C. It enables FortiAuthenticator to import users from Windows AD.
• D. It enables FortiAuthenticator to register itself as a Windows trusted device to proxy authentication using Kerberos.

Correct answer: D

Explanation

The correct answer is D because enabling Windows Active Directory Domain Authentication allows FortiAuthenticator to act as a trusted device in a Windows environment, facilitating Kerberos authentication. Option A is incorrect as it refers to LDAP lookups, which are not the primary purpose of this setting. Option B misrepresents the use of CA certificates, and Option C pertains to user import rather than the authentication process.