A financial services company is implementing a Zero Trust Network Access (ZTNA) solution. The security policy requires that only corporate-owned Windows devices with the latest OS security patches and active antivirus protection can access the internal accounting application. An administrator has configured ZTNA tags in FortiClient EMS for these posture checks. Which component is responsible for enforcing the access decision based on these tags?
An administrator is deploying FortiClient 7.2 to macOS endpoints using a Mobile Device Management (MDM) solution. The deployment package is pushed successfully, but the clients are not registering to the on-premise FortiClient EMS. Which of the following is the most likely reason for this failure?
A system administrator is analyzing the FortiClient EMS dashboard and notices several endpoints are flagged with high-risk vulnerabilities related to outdated Adobe Acrobat Reader versions. A compliance rule is in place to automatically quarantine devices with critical vulnerabilities. However, none of the affected devices are being quarantined. What is the most likely misconfiguration?
Which two of the following are required to successfully deploy and manage FortiClient on Chromebooks using FortiClient EMS? (Select TWO).
True or False: When using FortiClient EMS to deploy a configuration to Windows endpoints via an MSI package, the EMS server IP address and other settings can be embedded directly into the MSI file itself using the FortiClient Configurator tool.
An administrator needs to configure a ZTNA access rule on a FortiGate that grants access to an internal web server only for users in the 'Developers' Active Directory group whose endpoints are running a company-approved OS version. What is the correct sequence of objects needed in the FortiGate ZTNA rule?
A hospital uses FortiClient EMS to manage endpoints on medical carts. To comply with healthcare regulations, these carts must be prevented from accessing non-medical websites. The administrator has created a Web Filter profile that blocks categories like 'Social Networking' and 'Streaming Media'. Which additional feature should be enabled in the profile to prevent users from accessing blocked sites by typing in their IP addresses?
During the initial setup of a new FortiClient EMS 7.2 instance, the administrator needs to configure the database. The organization has a dedicated Microsoft SQL Server cluster for all applications. Which setting must be configured in the EMS setup wizard to connect to this external database?
An administrator is troubleshooting why a specific Windows endpoint is not receiving the latest endpoint profile update from FortiClient EMS. The endpoint is online and shows as registered in the EMS console. Which diagnostic step should the administrator take first on the affected endpoint?
What is the primary function of the `fctservctl.exe` utility in the context of FortiClient EMS?