View all questions & answers for the FCSS - FortiSASE 25 Administrator Exam Materials exam


Question 23 Discussion

What can be configured on FortiSASE as an additional layer of security for FortiClient registration? (Choose one answer)

  • A. security posture tags
  • B. application inventory
  • C. user verification
  • D. device identification
Correct Answer: C

Brave-Dump Clients Votes

C 100%

Comments



Mbuh Mbuh 2025-06-26 22:22:14

Selected Answers: C


Please help confirm: (Study Guide Page 43)
You can request that single sign-on for user onboarding be enabled by opening a ticket with Fortinet Support. The supported user verification method is SAML SSO. The end user must enter their credentials to register FortiClient with FortiSASE. Enabling this feature provides an additional layer of security during Forticlient registration. FortiSASE can be a service provider, while products like FortiAuthenticator, Okta, Etra ID, and so on can act as an Idp for this configuration.

Security Posture Tags – These are applied after registration to enforce compliance (e.g., antivirus status) but don’t secure the registration process itself.

leocopek 2025-07-12 04:52:35

Selected Answers: C


FortiSASE enhances security during managed endpoint client onboarding by enforcing user authentication via SAML SSO, ensuring only authenticated users and endpoints can register. This prevents unauthorized endpoints, even those with a valid invitation code to connect to FortiSASE Management service. For details on client onboarding using Invitation code, see Client onboarding and Managed endpoint client onboarding.