NSE 7 – Zero Trust Access 7.2 — Question 2
FortiNAC has alarm mappings configured for MDM compliance failure, and FortiClient EMS is added as an MDM connector.
When an endpoint is quarantined by FortiClient EMS, what action does FortiNAC perform?
Answer options
- A. The host is isolated in the registration VLAN.
- B. The host is marked at risk.
- C. The host is forced to authenticate again.
- D. The host is disabled.
Correct answer: B
Explanation
The correct answer is B because when FortiClient EMS quarantines an endpoint, FortiNAC marks it as at risk to indicate potential compliance issues. The other options describe actions that do not occur in response to the quarantine event: isolating in a registration VLAN, forcing re-authentication, or disabling the host are not the correct responses in this scenario.