NSE8 Actual Exam Questions

Last updated on Dec. 13, 2024.
Vendor:Fortinet
Exam Code:NSE8
Exam Name:Fortinet Network Security Expert 8 Written (800)
Exam Questions:65
 

Topic 1 - Single Topic

Question #1 Topic 1

The dashboard widget indicates that FortiGuard Web Filtering is not reachable. However, AntiVirus, IPS, and Application Control have no problems as shown in the exhibit.

You contacted Fortinets customer service and discovered that your FortiGuard Web Filtering contract is still valid for several months.
What are two reasons for this problem? (Choose two.)

  • A. You have another security device in front of FortiGate blocking ports 8888 and 53.
  • B. FortiGuard Web Filtering is not enabled in any firewall policy.
  • C. You did not enable Web Filtering cache under Web Filtering and E-mail Filtering Options.
  • D. You have a firewall policy blocking ports 8888 and 53.
Reveal Solution Hide Solution   Discussion   1

Correct Answer: AB 🗳️
If Web filtering shows unreachable then we have to verify, whether web filtering enabled in security policies or not.
Web filtering enabled in a policy but the port 8888 and 53 are not selected, means the policy blocking the ports.
Reference:
http://cookbook.fortinet.com/troubleshooting-web-filtering/

Question #2 Topic 1

A customer is authenticating users using a FortiGate and an external LDAP server. The LDAP user, John Smith, cannot authenticate. The administrator runs the debug command diagnose debug application fnbamd 255 while John Smith attempts the authentication:
Based on the output shown in the exhibit, what is causing the problem?

  • A. The LDAP administrator password in the FortiGate configuration is incorrect.
  • B. The user, John Smith, does have an account in the LDAP server.
  • C. The user, John Smith, does not belong to any allowed user group.
  • D. The user, John Smith, is using an incorrect password.
Reveal Solution Hide Solution   Discussion   3

Correct Answer: D 🗳️

Question #3 Topic 1


The exhibit shows an explicit Web proxy configuration in a FortiGate device. The FortiGate is installed between a client with the IP address 172.16.10.4 and a
Web server using port 80 with the IP address 10.10.3.4. The client Web browser is properly sending HTTP traffic to the FortiGate Web proxy IP address
172.16.10.254.
Which two sniffer commands will capture this HTTP traffic? (Choose two.)

  • A. diagnose sniffer packet any ‘host 172.16.10.4 and host 172.16.10.254’ 3
  • B. diagnose sniffer packet any ‘host 172.16.10.254 and host 10.10.3.4’ 3
  • C. diagnose sniffer packet any ‘host 172.16.10.4 and port 8080’ 3
  • D. diagnose sniffer packet any ‘host 172.16.10.4 and host 10.10.3.4’ 3
Reveal Solution Hide Solution   Discussion   3

Correct Answer: CD 🗳️
Sniffer should run between webproxy to webserver
And also Sniffer between client machine to web proxy connectivity as it is in explicit mode.
Reference:
http://www.maxnetwork.org/fortigate-packet-capture

Question #4 Topic 1

Your colleague has enabled virtual clustering to load balance traffic between the cluster units. You notice that all traffic is currently directed to a single FortiGate unit. Your colleague has applied the configuration shown in the exhibit.

Which step would you perform to load balance traffic within the virtual cluster?

  • A. Issue the diagnose sys ha reset-uptime command on the unit that is currently processing traffic to enable load balancing.
  • B. Add an additional virtual cluster high-availability link to enable cluster load balancing.
  • C. Input Virtual Cluster domain 1 and Virtual Cluster domain 2 device priorities for each cluster unit.
  • D. Use the set override enable command on both units to allow the secondary unit to load balance traffic.
Reveal Solution Hide Solution   Discussion   1

Correct Answer: C 🗳️
Reference:
http://docs.fortinet.com/uploaded/files/1088/fortigate-ha-50.pdf

file Viewing page 1 out of 17 pages.
Viewing questions 1-4 out of 65 questions
Next Questions
Browse atleast 50% to increase passing rate cup
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Loading ...
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago