Fortinet Network Security Expert 8 Written Exam (NSE8 810) 試験
Question No : 1
You have deployed a FortiGate In NAT/Route mode as a secure as a web gateway with a few P-base authentication firewall policies. Your customer reports that some users now have different browsing permission =s from what is expected. All these users are browsing using internet Explorer through Desktop Connection to a Terminal Server. When you took at the Fortigate logs the username for the Terminal Server IP is not consistent.
Which action will correct this problem?
Question No : 2
You cannot the FortiGales default gateway 10.10.10 .1 from the FortiGate CLI. The FortiGate interface facing the default gateway is wan 1 and its IP address 10.10 .10 K74 During the troubleshooting, tests, you confirmed that you can plug other IP addresses in the 10.10.10. 0/24 subnet from the FortiGAte CLI without packets lost.
Which two CLI commands will help you to troubleshoot this problem? (Choose two.)
Question No : 3
You are building a FortiGala cluster which is stretched over two locations. The HA connections for the cluster are terminated on the data centers. Once the FortiGates have booted, they do form a cluster. The network operators inform you that CRC eoors are present on the switches where the FortiGAtes are connected.
What would you do to solve this problem?
Question No : 4
Refer to the Exhibit button.
You need to run a script in FortiManager against managed FortiGate devices in your organization to install a configuration for a new static route.
Which two scripts will successfully configure the static route on the managed device? (Choose two.)
Question No : 5
An Administrator reports continuous high CPU utilization on a FortiGate device due to the IPS engine. The exhibit shows the global IPS configuration.
Which two configuration actions will reduce the CPU usage? (Choose two.)
Question No : 6
Click to the Exhibit button.
You need to apply the security features below to the network shown in the exhibit.
-high grade DDoS protection
-Web security and load balancing for Server1 and Server2
-Solution must be PCI DSS compliant
-Enhanced security to DNS 1 and DNS 2
What are three solutions for this scenario? (Choose three.)
A. FortiWeb forVDOM-A
A. FortDDoS between FG1 and FG2 and the Internet
B. FortiADC for VDOM-A
C. FortADC for VDoM-B
D. FortiDDoS between FG1 and FG2 and VDOMs
Question No : 7
Click the Exhibit button.
You are trying to configure Link-Aggregation Group (LAG), but ports A and B do not appear on the list of member options. Referring to the exhibit, which statement is correct in this situation?
Question No : 8
Click the exhibit.
You created an aggregate interface between your FortiGate and a switch consisting of two 1 Gbps links as shown in the exhibit.
However, the maximum bandwidth never exceeds. 1 Gbps and employees are complaining that the network is slow. After troubleshooting, you notice only one member interface is being used. The configuration for the aggregate interface is shown in the exhibit.
In this scenario, which command will solve this problem?
Question No : 9
Click the Exhibit button.
Referring to the exhibit, which two statements are true about local authentication? (Choose two.)
Question No : 10
A FortOS devices is used for termination of VPNs for number of remote spoke VPN units (designated group A spokes) using a phase 1 main mode dial-up tunnel using pre-shared. Your company recently acquired another organization. You are asked establish VPN correctively for the newly acquired organization's sites which new devices will be provisioned (designated Group B spokes). Both exiting (Group A) and new (Group B) spoke units are dynamically addressed. You are asked to ensure that spokes from the acquired organization (Group B) have different access permission than your existing VPN spokes (Group A).
Which two solutions meet the represents for the new spoke group? (Choose two.)
Question No : 11
Click the Exhibit button.
You log into FortiManager, look at the Device Manager window and notice that one of your managed devices is not in normal status.
Referring to the exhibit, which two statements correctly describe the affected device’s status and result? (Choose two.)
Question No : 12
You deploy a FortiGate device in a remote office based on the requirements shown below.
-- Due to company's security policy, management IP of your FortiGate is not allowed to access the Internet.
-- Apply Web Filtering, Antivirus, IPS and Application control to the protected subnet.
-- Be managed by a central FortiManager in the head office.
Which action will help to achieve the requirements?
Question No : 13
FortiMail configured with the protected domain "internal lab".
Which two envelopes addresses will need an access control rule to relay e-mail sent for unauthenticated users? (Choose two.)
Question No : 14
You want to manage a FortiCloud service. The FortiGate shows up in your list devices on the FortiCloud Web site, but all management functions are either missing or grayed out.
Which statement a correct in this scenario?
Question No : 15
Click the Exhibit button. The exhibit shows the steps for creating a URL rewrite policy on a FortiWeb.
Which statement represents the purpose of this policy?