Fortinet NSE8 Exam Practice Questions (P. 4)

An administrator wants to assign static IP addresses to users connecting tunnel-mode SSL VPN. Each SSL VPN user must always get the same unique IP address which is never assigned to any other user.
Which solution accomplishes this task?

The exhibit shows an LDAP server configuration in a FortiGate device. The LDAP user, John Smith, has the following LDAP attributes:

John Smiths LDAP password is ABC123.
Which CLI command should you use to test the LDAP authentication using John Smiths credentials?

Your NOC contracts the security team due to a problem with a new application flow. You are instructed to disable hardware acceleration for the policy shown in the exhibit for troubleshooting purposes.

Which command will disable hardware acceleration for the new application policy?
A)

B)

C)

D)

Your company uses a cluster of two FortiGate 3600C units in active-passive mode to protect the corporate network. The FortiGate cluster sends its logs to a
FortiAnalyzer and you have configured scheduled weekly reports for the Internet bandwidth usage of each corporate VLAN. During a scheduled maintenance window, you make a series of configuration changes. When the next FortiAnalyzer weekly report is generated, you notice that Internet bandwidth usage reported by the FortiAnalyzer is far less than expected.
What is the reason for this discrepancy?

You notice that memory usage is high and FortiGate has entered conserve mode. You want FortiGates IPS engine to focus only on exploits and attacks that are applicable to your specific network.
Which two steps would you take to reduce RAM usage without weakening security? (Choose two.)