A FortiSASE administrator is configuring a Secure Private Access (SPA) solution to share endpoint information with a corporate FortiGate.
Which three configuration actions will achieve this solution? (Choose three.)

1. A. Add the FortiGate IP address in the secure private access configuration on FortiSASE.
2. B. Use the FortiClient EMS cloud connector on the corporate FortiGate to connect to FortiSASE
3. C. Register FortiGate and FortiSASE under the same FortiCloud account.
4. D. Authorize the corporate FortiGate on FortiSASE as a ZTNA access proxy.
5. E. Apply the FortiSASE zero trust network access (ZTNA) license on the corporate FortiGate.

Correct Answer: ABC
To configure a Secure Private Access (SPA) solution to share endpoint information between FortiSASE and a corporate FortiGate, you need to take the following steps:
✑ Add the FortiGate IP address in the secure private access configuration on
FortiSASE:
✑ Use the FortiClient EMS cloud connector on the corporate FortiGate to connect to FortiSASE:
✑ Register FortiGate and FortiSASE under the same FortiCloud account:
References:
✑ FortiOS 7.2 Administration Guide: Provides details on configuring Secure Private Access and integrating with FortiGate.
✑ FortiSASE 23.2 Documentation: Explains how to set up and manage connections between FortiSASE and corporate FortiGate.

What are two advantages of using zero-trust tags? (Choose two.)

1. A. Zero-trust tags can be used to allow or deny access to network resources
2. B. Zero-trust tags can determine the security posture of an endpoint.
3. C. Zero-trust tags can be used to create multiple endpoint profiles which can be applied to different endpoints
4. D. Zero-trust tags can be used to allow secure web gateway (SWG) access

Correct Answer: AB
Zero-trust tags are critical in implementing zero-trust network access (ZTNA) policies. Here are the two key advantages of using zero-trust tags:
✑ Access Control (Allow or Deny):
✑ Determining Security Posture:
References:
✑ FortiOS 7.2 Administration Guide: Provides detailed information on configuring and using zero-trust tags for access control and security posture assessment.
✑ FortiSASE 23.2 Documentation: Explains how zero-trust tags are implemented and used within the FortiSASE environment for enhancing security and compliance.

Which two deployment methods are used to connect a FortiExtender as a FortiSASE LAN extension? (Choose two.)

1. A. Connect FortiExtender to FortiSASE using FortiZTP
2. B. Enable Control and Provisioning Wireless Access Points (CAPWAP) access on the FortiSASE portal.
3. C. Enter the FortiSASE domain name in the FortiExtender GUI as a static discovery server
4. D. Configure an IPsec tunnel on FortiSASE to connect to FortiExtender.

Correct Answer: AC
There are two deployment methods used to connect a FortiExtender as a FortiSASE LAN extension:
✑ Connect FortiExtender to FortiSASE using FortiZTP:
✑ Enter the FortiSASE domain name in the FortiExtender GUI as a static discovery server:
References:
✑ FortiOS 7.2 Administration Guide: Details on FortiExtender deployment methods and configurations.
✑ FortiSASE 23.2 Documentation: Explains how to connect and configure FortiExtender with FortiSASE using FortiZTP and static discovery.

An organization needs to resolve internal hostnames using its internal rather than public DNS servers for remotely connected endpoints. Which two components must be configured on FortiSASE to achieve this? (Choose two.)

1. A. SSL deep inspection
2. B. Split DNS rules
3. C. Split tunnelling destinations
4. D. DNS filter

Correct Answer: BC
To resolve internal hostnames using internal DNS servers for remotely connected endpoints, the following two components must be configured on FortiSASE:
✑ Split DNS Rules:
✑ Split Tunneling Destinations:
References:
✑ FortiOS 7.2 Administration Guide: Provides details on configuring split DNS and split tunneling for VPN clients.
✑ FortiSASE 23.2 Documentation: Explains the implementation and configuration of split DNS and split tunneling for securely resolving internal hostnames.

Which two advantages does FortiSASE bring to businesses with multiple branch offices? (Choose two.)

1. A. It offers centralized management for simplified administration.
2. B. It enables seamless integration with third-party firewalls.
3. C. it offers customizable dashboard views for each branch location
4. D. It eliminates the need to have an on-premises firewall for eachbranch.

Correct Answer: AD
FortiSASE brings the following advantages to businesses with multiple branch offices:
✑ Centralized Management for Simplified Administration:
✑ Eliminates the Need for On-Premises Firewalls:
References:
✑ FortiOS 7.2 Administration Guide: Provides information on the benefits of centralized management and cloud-based security solutions.
✑ FortiSASE 23.2 Documentation: Explains the advantages of using FortiSASE for businesses with multiple branch offices, including reduced need for on-premises firewalls.