Is the NSE5-FNC-AD-7-6 practice exam free?

Yes. ExamCademy offers all 58 NSE5-FNC-AD-7-6 practice questions for free with a registered account. No payment needed. Optional supporter features add AI explanations and spaced repetition study tools.

How accurate are the NSE5-FNC-AD-7-6 practice questions?

All NSE5-FNC-AD-7-6 questions are community-created and reviewed by moderators to align with Fortinet's published exam objectives. The community continuously reports and fixes issues to keep content accurate and up to date.

How should I study for the NSE5-FNC-AD-7-6 exam?

Start by browsing practice questions to identify weak areas. Use spaced repetition (Learn Mode) to focus study time on topics you struggle with. Combine practice questions with official Fortinet documentation and hands-on experience for best results.

NSE5-FNC-AD-7-6 Practice Exam — Free 58+ Questions

58Practice Questions

3Study Modes

FreeTo Get Started

Topic:Sort:

Question 1

Troubleshooting

Policy and objects

Question 23

Advanced configuration

Question 24

Troubleshooting

That's the end of the Preview

This exam has 58 community-verified practice questions. Create a free account to access all questions, comments, and explanations.

Topics covered:

AdministrationDevice managerPolicy and objectsAdvanced configurationTroubleshooting

Log In / Sign Up

Page 1 of 3 • Questions 1-25 of 58

1 2 3

→

Know a question that should be here? Contribute to this exam

While discovering network infrastructure devices, a switch appears in the inventory topology with a question mark (?) on the icon.
What would cause this?

A The wrong SNMP community string was entered during discovery.
B The SNMP ObjectID is not recognized by FortiNAC-F.
C A read-only SNMP community string was used.
D SNMP is not enabled on the switch.

An administrator manages a corporate environment where all users log into the corporate domain each time they connect to the network. The administrator wants to leverage login scripts to use a FortiNAC-F agent to enhance endpoint visibility.
Which agent can be deployed as part of a login script?

A Persistent
B Dissolvable
C Mobile
D Passive

An administrator wants to build a security rule that will quarantine contractors who attempt to access specific websites.
In addition to a user host profile, which two components must the administrator configure to create the security rule? (Choose two.)

A Methods
B Action
C Endpoint compliance policy
D Trigger
E Security String

A network administrator is troubleshooting a network access issue for a specific host. The administrator suspects the host is being assigned a different network access policy than expected.
Where would the administrator look to identify which network access policy, if any, is being applied to a particular host?

A The Policy Logs view
B The Connections view
C The Policy Details view for the host
D The Port Properties view of the hosts port

A user was attempting to register their host through the registration captive portal. After successfully registering, the host remained in the registration VLAN.
Which two conditions would cause this behavior? (Choose two.)

A The wrong agent is installed.
B There is no agent installed on the host.
C The port default VLAN is the same as the Registration VLAN.
D There is another unregistered host on the same port.

When configuring isolation networks in the configuration wizard, why does a layer 3 network type allow for more than one DHCP scope for each isolation network type?

A The layer 3 network type allows for one scope for each possible host status.
B Configuring more than one DHCP scope allows for DHCP server redundancy.
C There can be more than one isolation network of each type.
D Any scopes beyond the first scope are used if the initial scope runs out of IP addresses.

When FortiNAC-F is managing VPN clients connecting through FortiGate, why must the clients run a FortiNAC-F agent?

A To transparently update the client IP address upon successful authentication
B To collect user authentication details
C To collect the client IP address and MAC address
D To validate the endpoint policy compliance

When creating a device profiling rule, what are two advantages of registering the device in the host view? (Choose two.)

A The devices can be managed as a generic SNMP device.
B The devices will have connection logs.
C The devices can be associated with a user.
D The devices can be polled for connection status.

How can an administrator configure FortiNAC-F to normalize incoming syslog event levels across vendors?

A Configure severity mappings.
B Configure the vendor OUI settings.
C Configure the security rule settings.
D Configure event to alarm mappings.

Refer to the exhibit.

Question Image

What would FortiNAC-F generate if only one of the security filters is satisfied?

A A normal alarm
B A security event
C A security alarm
D A normal event

An administrator wants FortiNAC-F to return a group of user-defined RADIUS attributes in RADIUS responses.
Which condition must be true to achieve this?

A The requesting device must support RFC 5176.
B Inbound RADIUS requests must contain the Calling-Station-ID attribute.
C The device models in the inventory view must be configured for proxy-based authentication.
D RADIUS accounting must be enabled on the FortiNAC-F RADIUS server configuration.

When configuring FortiNAC-F to manage FortiGate VPN users, an endpoint compliance policy must be created for the integration.
Why is the endpoint compliance policy necessary for this type of integration?

A To designate the required agent type
B To validate the VPN user credentials
C To confirm the installed endpoint certificate
D To validate the VPN client being used

An administrator wants to build device profiling rules based on network traffic, but the network session view is not populated with any records.
Which two settings can be enabled to gather network session information? (Choose two.)

A Network traffic polling on any modeled infrastructure device
B Firewall session polling on modeled FortiGate devices
C Netflow setting in the FortiNAC-F interfaces
D Layer 3 polling on the infrastructure devices

An organization wants to add a FortiNAC-F Manager to simplify their large FortiNAC-F deployment.
Which two policy types can be managed globally? (Choose two.)

A Authentication
B Endpoint Compliance
C Supplicant EasyConnect
D Network Access

When creating a user or host profile, which three criteria can you apply? (Choose three.)

A Host or user group memberships
B Host or user attributes
C Adapter current VLAN
D An applied access policy
E Location

While deploying FortiNAC-F devices in a 1+1 HA configuration, the administrator has chosen to use the shared IP address option.
Which condition must be met for this type of deployment?

A The isolation network type is Layer 3.
B There is a direct cable link between FortiNAC-F devices.
C The primary and secondary administrative interfaces are on the same subnet.
D The isolation network type is Layer 2.

What must an administrator configure to allow FortiNAC-F to process incoming syslog messages that are not supported by default?

A A Syslog Service Connector
B A Security Action
C A Security Event Parser
D A Log Receiver

Refer to the exhibit.

Question Image

What will happen to the host of a guest user created from this template if the time of connection is 8:00 PM?

A The host will be marked as non-authenticated.
B The host will be marked as a rogue device.
C The host will be marked as at-risk.
D The host will be administratively disabled.

Refer to the exhibit.

Question Image

If a host is connected to a port in the Building 1 First Floor Ports group, what must also be true to match this user/host profile?

A The host must have a role value of contractor, an installed persistent agent of a security access value of contractor, and be connected between 6 AM and 5 PM.
B The host must have a role value of contractor or an installed persistent agent, a security access value of contractor, and be connected between 9 AM and 5 PM.
C The host must have a role value of contractor or an installed persistent agent or a security access value of contractor, and be connected between 6 AM and 5PM.
D The host must have a role value of contractor or an installed persistent agent and a security access value of contractor, and be connected between 6 AM and 5PM.

Refer to the exhibits.

Question Image

Based on the given configurations and settings, on which date and time would a guest account created at 8:00 AM on 2025/09/12 expire?

A 2025/09/12 at 8:00 PM
B 2025/09/12 at 7:00 PM
C 2025/09/12 at 17:00:00
D 2025/09/13 at 17:00:00

During an evaluation of state-based enforcement, an administrator discovers that ports that should not be under enforcement have been added to enforcement groups.
In which view would the administrator be able to identify who added the ports to the groups?

A The Admin Auditing view
B The Event Management view
C The Port Changes view
D The Security Events view

Refer to the exhibit.

Question Image

An administrator wants to use FortiNAC-F to automatically provision printers throughout their organization. Each building uses its own local VLAN for printers.
Which FortiNAC-F feature would allow this to be accomplished with a single network access policy?

A Dynamic host groups
B Logical networks
C Device profiling rules
D Preferred VLAN designations

Where should you configure MAC notification traps on a supported switch?

A Only on ports that generate linkup and linkdown traps
B Only on ports defined as learned uplinks
C On all ports on the switch
D On all ports except uplink ports

Refer to the exhibit.

Question Image

What will occur if CA-2 fails?

A CA-1 and CA-3 will operate as a 1+1 HA cluster with CA-3 acting as a hot standby.
B CA-3 will continue to operate as a secondary in an N+1 HA configuration.
C CA-3 will be promoted to a primary and share management responsibilities with CA-1.
D CA-3 will be promoted to a primary and FortiNAC-F manager will load balance between CA-1 and CA-3.

NSE5-FNC-AD-7-6Preview

About the NSE5-FNC-AD-7-6 Exam

Question 1

Question 2

Question 3

Question 4

Question 5

Question 6

Question 7

Question 8

Question 9

Question 10

Question 11

Question 12

Question 13

Question 14

Question 15

Question 16

Question 17

Question 18

Question 19

Question 20

Question 21

Question 22

Question 23

Question 24

That's the end of the Preview

NSE5-FNC-AD-7-6Preview

About the NSE5-FNC-AD-7-6 Exam

Mode Selection

Question 1

Question 2

Question 3

Question 4

Question 5

Question 6

Question 7

Question 8

Question 9

Question 10

Question 11

Question 12

Question 13

Question 14

Question 15

Question 16

Question 17

Question 18

Question 19

Question 20

Question 21

Question 22

Question 23

Question 24

That's the end of the Preview