Fortinet NSE8_812 Fortinet NSE 8 - Written Exam Practice Test

Page: 1 / 14
Total 105 questions
Question 1

Which two types of interface have built-in active bypass in FortiDDoS devices? (Choose two.)



Question 2

Refer to the exhibits.

During the implementation of a Fortinet Security Fabric configuration, CLI commands were issued in the order shown in the exhibit. On the next day, the local admin for FGTC issues the following command:

FGTC # config system csf

set configuration-sync default

end

In this scenario, which outcome is true regarding the "subnet_1" firewall address object on FGTC?



Answer : D


Question 3

A FortiGate is configured to perform outbound firewall authentication with Azure AD as a SAML IdP.

What are two valid interactions that occur when the client attempts to access the internet? (Choose two.)



Answer : A, B


Question 4

Refer to the exhibit.

A customer is trying to setup a Playbook automation using a FortiAnalyzer, FortiWeb and FortiGate. The intention is to have the FortiGate quarantine any source of SQL Injection detected by the FortiWeb. They got the automation stitch to trigger on the FortiGate when simulating an attack to their website, but the quarantine object was created with the IP 0.0.0.0. Referring to the configuration and logs in the exhibits, which two statements are true? (Choose two.)



Answer : A, D


Question 5

A FortiGate running FortiOS 7.2.0 GA is configured in multi-vdom mode with a vdom set to vdom type Admin and another vdom set to vdom type Traffic.

Which two GUI sections are available on both VDOM types? (Choose two.)



Answer : A, B


Question 6

You are designing a setup where the FortiGate device is connected to two upstream ISPs using BGP. Part of the requirement is that you must be able to refresh the route advertisements manually without disconnecting the BGP neighborships.

Which feature must you enable on the BGP neighbors to accomplish this goal?



Answer : D

The soft reconfigure is correct by elimination (FGTs all support BGP Refresh, so question is not worded correctly - to refresh routes in advertisements, there is no need to do manually anything, after the change is committed to config FGT will send BGP Refresh message to the peers to notify them of it. The same is true for Cisco and Juniper routers. The question should ask 'when routing policy was changed' - then yes, reconfiguraiton is the way to notify BGP peers that BGP policy was changed.


Question 7

Refer to the exhibit.

What is happening in this scenario?



Answer : C


Page:    1 / 14   
Total 105 questions