FCP_FAC_AD-6.5 FCP - FortiAuthenticator 6.5 Administrator Questions and Answers

Realms in FortiAuthenticator allow mapping of authentication requests to different back-end databases within a single RADIUS policy, enabling user authentication across multiple directories or identity sources.

In asymmetric cryptography, the public key can be openly shared without compromising security.

It relies on a mathematically linked public and private key pair, where one key encrypts and the other decrypts.

In an active-active HA deployment, FSSO events and seeds are not synchronized between FortiAuthenticator units, as these are instance-specific and typically handled locally on each node.

The second portal rule condition explicitly uses Not with the SSID value "Guest", which means that users connected through the Guest SSID are excluded from accessing the portal, causing the failure for this user.

FortiAuthenticator captive or guest portals support authentication via email verification and third-party identity providers like Microsoft Live for user validation and access control.

If there is time drift between FortiAuthenticator and FortiToken 200 hardware tokens, the one-time passwords generated will no longer match the expected values, causing all two-factor authentication attempts to fail for affected users.