NSE4 · Question #463
NSE4 Question #463: Real Exam Question with Answer & Explanation
The correct answer is C: DC agents are not required in the AD domain controllers.. FSSO DC Agentless mode (often referred to as DC mode) is advantageous because it does not require FortiGate FSSO agents to be installed directly on the Active Directory domain controllers, simplifying deployment.
Question
What are the advantages of FSSO DC mode over polling mode?
Options
- ARedundancy in the collector agent.
- BAllows transparent authentication.
- CDC agents are not required in the AD domain controllers.
- DScalability
Explanation
FSSO DC Agentless mode (often referred to as DC mode) is advantageous because it does not require FortiGate FSSO agents to be installed directly on the Active Directory domain controllers, simplifying deployment.
Common mistakes.
- A. Redundancy in the collector agent can be achieved in both DC mode and polling mode, so this is not a unique advantage of DC mode over polling mode.
- B. Both FSSO modes (DC Agentless and Agent-based) aim to provide transparent authentication by mapping users to IP addresses; this is a general benefit of FSSO, not a specific advantage of DC mode over polling.
- D. While FSSO offers scalability, the primary distinguishing advantage of DC Agentless mode over agent-based polling is the reduction in administrative overhead by not requiring agent installation on DCs, rather than a unique scaling benefit.
Concept tested. FortiGate FSSO DC Agentless mode advantages
Reference. https://docs.fortinet.com/document/fortigate/7.4.0/administration-guide/139268/fsso-polling-mode
Topics
Community Discussion
No community discussion yet for this question.