Download Fortinet NSE 8 Written Exam.NSE8_811.VCEplus.2022-09-02.65q.vcex

Vendor: Fortinet
Exam Code: NSE8_811
Exam Name: Fortinet NSE 8 Written Exam
Date: Sep 02, 2022
File Size: 9 MB
Download Exam

How to open VCEX files?

Files with VCEX extension can be opened by ProfExam Simulator.

Download
ProfExam Simulator

Purchase
Coupon: EXAMFILESCOM

Discount: 20%

ProfExam Simulator ProfExam Simulator ProfExam Simulator ProfExam Simulator ProfExam Simulator

Demo Questions

Question 1
You configured AV and Web filtering for your outgoing Internet connections. You later noticed that not all Web sessions are being inspected and you start troubleshooting the problem.
Referring to the exhibit, what would cause this problem?
     
  1. The Web session is using QUIC which a not inspected by the FortiGate
  2. These are problem with the connection to the Web filter servers, therefore the Web session cannot be categorized.
  3. The SSL inspection options are not set to inspection
  4. Web filtering is not licensed, therefore no inspection occurs.
Correct answer: A
Explanation:
Question 2
You are administrating the FortiGate 5000 and FortiGate 7000 series products. You want to access the HTTPS GU of the blade located n logical slot of the secondary chassis in a high-availability cluster.
Which URL will accomplish this task?
  1. https//192.168.1.99.44302
  2. https//192.168.1.99.44313
  3. https//192.168.1.99.44322
  4. https//192.168.1.99.44323
Correct answer: D
Explanation:
Question 3
   
  
Referring to the exhibit, which two statements are true? (Choose two.)
  1. port13 and port14 on FS448D-A should be connected to port13 and port14 on FS448D-
  2. B. LAG-1 and LAG 2 should be connected to a single 4-port 802 3ad interface on the FortiGate-A.
  3. LAG-3 on switches on FS448D-A and FS448D-B may be connected to a single 802 3ad trunk on another device.
  4. LAG-1 and LAG-2 should be connected to a 4-port single 802 3ad trunk on another device.
Correct answer: AC
Explanation:
https://help.fortinet.com/fos50hlp/56/Content/FortiOS/fortigate-managingfortiswitch/Stacking.htm
https://help.fortinet.com/fos50hlp/56/Content/FortiOS/fortigate-managingfortiswitch/Stacking.htm
Question 4
A customer wants to integrate their on-premise FortiGate with their Azure infrastructure.
Which two components must be in place to configure the Azure Fabric connector? (Choose two.)
  1. FortiGate-VM virtual appliance deployed on-premise.
  2. An inbound policy from the Azure FortiGate-VM virtual appliance.
  3. An outbound policy from the Azure FortiGate-VM virtual appliance.
  4. A FortiGate-VM virtual appliance deployed in Azure.
Correct answer: CD
Explanation:
Question 5
You cannot the FortiGales default gateway 10.10.10 .1 from the FortiGate CLI. The FortiGate interface facing the default gateway is wan 1 and its IP address 10.10 .10 K74 During the troubleshooting, tests, you confirmed that you can plug other IP addresses in the 10.10.10. 0/24 subnet from the FortiGAte CLI without packets lost.
Which two CLI commands will help you to troubleshoot this problem? (Choose two.)
  1. diagnose debug flow filter saddr 10.10.10.1 diagnose debug flow trace start 10
  2. diagnose hardware deviceinfo nic wan1
  3. diagnose ip arp list
  4. diag sniffer packet wan1 'arp and host 10.10.10.1'
Correct answer: AC
Explanation:
Question 6
An organization has one central site and three remote sites. A FortiSIEM has been installed on the central site and now all devices across the remote sites must be centrally monitored by the FortiSIEM at the central site.
Which action will reduce the WAN usage by the monitoring system?
  1. Enable SD-WAN FEC (Forward Error Correction) on the FortiGate at the remote site.
  2. Install both Supervisor and Collector on each remote site.
  3. Install local Collectors on each remote site.
  4. Disable real-time log upload on the remote sites.
Correct answer: C
Explanation:
Question 7
A customer is looking for a way to remove javascripts, macros and hyperlinks from documents traversing the network without affecting the integrity of the content. You propose to use the Content disarm and reconstruction (CDR) feature of the FortiGate.
Which two considerations are valid to implement CDR in this scenario? (Choose two.)
  1. The inspection mode of the FortiGate is not relevant for CDR to operate.
  2. CDR is supported on HTTPS, SMTPS, and IMAPS if deep inspection is enabled.
  3. CDR can only be performed on Microsoft Office Document and PDF files.
  4. Files processed by CDR can have the original copy quarantined on the FortiGate.
Correct answer: CD
Explanation:
Question 8
Refer to the exhibit.
   
The exhibit shows a full-mesh topology between FortiGate and FortiSwitch devices. To deploy this configuration, two requirements must be met:
20 Gbps full duplex connectivity is available between each FortiGate and the FortiSwitch devices
The FortiGate HA must be in AP mode
Referring to the exhibit, what are two actions that will fulfill the requirements? (Choose two.)
  1. Configure the master FortiGate with one LAG and FortiLink split interface disabled on ports connected to cables A and C and make sure the same ports are used for cables B and D on the slave.
  2. Configure the master FortiGate with one LAG and FortiLink split interface enabled on ports connected to cables A and C and make sure the same ports are used for cables B and D on the slave.  
  3. Configure both FortiSwitch devices as peers with ICL over cable E, create one MCLAG on ports connected to cables A and C, and create another MCLAG on ports connected to cables B and 
  4. D. Configure both FortiSwitch devices as peers with ISL over cable E, create one MCLAG on ports connected to cables A and C, and create another MCLAG on ports connected to cables B and D.
Correct answer: AC
Explanation:
Question 9
You want to manage a FortiCloud service. The FortiGate shows up in your list devices on the FortiCloud Web site, but all management functions are either missing or grayed out.
Which statement a correct in this scenario?
  1. The managed FcrtGate a running a version of ForflOS that is either too new or too for FortCloud.
  2. The managed FortiGate requires that a FortiCloud management license be purchased and applied.
  3. You must manually configure system control-management on the FortiGate CLI and set the management type to fortiguard.
  4. The management tunnel mode on the managed FortiGate must be changed to normal.
Correct answer: C
Explanation:
Question 10
Exhibit
   
  
The exhibit shows the steps for creating a URL rewrite policy on a FortiWeb.
Which statement represents the purpose of this policy?
  1. The policy redirects all HTTP URLs to HTTPS.
  2. The policy redirects all HTTPS URLs to HTTP.
  3. The policy redirects only HTTPS URLs containing the ^/ (. *) S string to HTTP.
  4. The pokey redirects only HTTP URLs containing the^/ ( .*)S string to HTTPS.
Correct answer: A
Explanation:
https://help.fortinet.com/fweb/581/Content/FortiWeb/fortiwebadmin/application_delivery.htm#application_delivery_1557589163_940788
https://help.fortinet.com/fweb/581/Content/FortiWeb/fortiwebadmin/application_delivery.htm#application_delivery_1557589163_940788
CONNECT US
HOW TO OPEN VCE FILES

Use VCE Exam Simulator to open VCE files
Avanaset

HOW TO OPEN VCEX AND EXAM FILES

Use ProfExam Simulator to open VCEX and EXAM files
ProfExam Screen

ProfExam
ProfExam at a 20% markdown

You have the opportunity to purchase ProfExam at a 20% reduced price

Get Now!