ExamTopics Logo
Mail Us[email protected]
Menu
Fortinet Discussions
exam questions

Exam NSE8_812 All Questions

View all questions & answers for the NSE8_812 exam
Go to Exam

Exam NSE8_812 topic 1 question 26 discussion

Actual exam question from Fortinet's NSE8_812
Question #: 26
Topic #: 1
[All NSE8_812 Questions]

Refer to the exhibits.

Configuration -


Topology -

A FortiGate cluster (CL-1) protects a data center hosting multiple web applications. A pair of FortiADC devices are already configured for SSL decryption (FAD-1), and re-encryption (FAD-2). CL-1 must accept unencrypted traffic from FAD-1, perform application detection on the plain-text traffic, and forward the inspected traffic to FAD-2.
The SSL-Offload-App-Detect application list and SSL-Offload protocol options profile are applied to the firewall policy handling the web application traffic on CL-1.
Given this scenario, which two configuration tasks must the administrator perform on CL-1? (Choose two.)

  • A.
  • B.
  • C.
  • D.
  • E.
Show Suggested Answer Hide Answer
Suggested Answer: AD 🗳️
by semsemccie at Aug. 25, 2023, 3:56 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
JJISHE
4 months ago
Selected Answer: AD
A - (https://docs.fortinet.com/document/fortigate/7.4.3/administration-guide/162551/handling-ssl-offloaded-traffic-from-an-external-decryption-device) D - (https://community.fortinet.com/t5/FortiGate/Technical-Tip-SSL-based-application-detection-over-decrypted/ta-p/196027)
upvoted 2 times
...
pitz
9 months, 2 weeks ago
Selected Answer: AD
A and D, There is no option of https in cli. only http.
upvoted 2 times
...
ama6
9 months, 3 weeks ago
correct is B and D To enable application detection on plain-text traffic that has been decrypted by FortiADC, the administrator must perform two configuration tasks on CL-1: Enable SSL offloading in the firewall policy and select the SSL-Offload protocol options profile. Enable application control in the firewall policy and select the SSL-Offload-App-Detect application list.
upvoted 1 times
...
Viewable8041
10 months, 2 weeks ago
Selected Answer: AD
ssl-offloaded yes SSL decryption and encryption performed by an external device. force-inclusion-ssl-di-sigs enable Enable forced inclusion of signatures which normally require SSL deep inspection.
upvoted 3 times
...
semsemccie
10 months, 3 weeks ago
Answer is A and D
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago