Requirement:

The administrator needs to add an authentication server on FortiClient EMS in a different security

zone that cannot allow a direct connection.

Solution Analysis:

The goal is to securely connect FortiClient EMS and the Active Directory server despite being in

different security zones.

Evaluating Options:

Installing FortiClient EMS on the same VM as Active Directory (option B) is not practical due to

security zone separation.

Configuring a slave FortiClient EMS on a virtual machine (option C) does not address the need for

secure communication.

Configuring an Active Directory connector (option D) may not be sufficient without secure routing.

Conclusion:

Deploying a FortiGate device between FortiClient EMS and the Active Directory server ensures

secure and controlled access between the two zones.

Reference:

FortiClient EMS and FortiGate configuration and deployment documentation from the study guides.