Nest 0 Cart
Nest Account
Popular Exams
All Categories...
Nest
Nest 0
Contact
Log In / Sign Up
Copyright 2024 © store. All rights reserved.
Home Fortinet NSE8_810

Fortinet NSE8_810 Exam Practice Questions (P. 2)

  • Full Access (60 questions)
  • Six months of Premium Access
  • Access to one million comments
  • Seamless ChatGPT Integration
  • Ability to download PDF files
  • Anki Flashcard files for revision
  • No Captcha & No AdSense
  • Advanced Exam Configuration
Get Contributor Access
Question #6
Click the Exhibit button.
You configured an IPsec tunnel to a branch office. Now you want to make sure that the encryption of the tunnel is offloaded to hardware.
Referring to the exhibit, which statement is true?

  1. A
    Incoming and outgoing traffic is offloaded.
  2. B
    Outgoing traffic is offloaded; you cannot determine if incoming traffic is offloaded at this time.
  3. C
    Traffic is not offloaded.
  4. D
    Outgoing traffic is offloaded; incoming traffic not offloaded.

Correct Answer:
D

Question #7
You want to access the JSON API on FortiManager to retrieve information on an object.
In this scenario, which two methods will satisfy the requirement? (Choose two.)
  1. A
    Make a call with the Web browser on your workstation.
  2. B
    Make a call with the SoapUPI API tool on your workstation.
  3. C
    Download the WSDL file from FortiManager administration GUI. curl utility on your workstation.
  4. D
    Make a call with the

Correct Answer:
CD

Question #8
You have a customer with a SCADA environmental control device that is triggering a false-positive IPS alert whenever the device's Web GUI is accessed. You cannot seem to create a functional custom IPS filter to exempt this behavior, and it appears that the device is so old that it does not have HTTPS support.
You need to prevent the false positive IPS alerts from occuring.
In this scenario, which two actions would accomplish this task? (Choose two.)
  1. A
    Create a very granular firewall policy for that device's IP address which does not perform IPS scanning.
  2. B
    Reconfigure the FortiGate to operate in proxy-based inspection mode instead of flow-based. Exempt action for that device's IP address.
  3. C
    Create a URL filter with the
  4. D
    Change the relevant firewall policies to use SSL certificate-inspection instead of SSL deep-inspection.

Correct Answer:
AD

Question #9
Click the Exhibit button.
A FortiGate is configured for a dial-up IPsec VPN to allow multiple remote FortiGates to connect to it.
However, FortiGates A and B have problems connecting to the VPN. Only one of them can be connected at a time. If site B tries to connect white site A is connected, site A is disconnected. The IKE real time debug shows the output in the exhibit when site A is disconnected.
Which configuration setting should be executed in the dial-up configuration to allow both VPNs to be connected at the same time?
set enforce-unique-id disable
A.
set add-route enable
B.
set single-source disable
C.
set route-overlap allow
D.

Correct Answer:
D

Question #10
Click the Exhibit button. The exhibit shows the steps for creating a URL rewrite policy on a FortiWeb. Which statement represents the purpose of this policy?

  1. A
    The policy redirects all HTTP URLs to HTTPS.
  2. B
    The policy redirects all HTTPS URLs to HTTP.
  3. C
    The policy redirects only HTTPS URLs containing ^/(.*)$ string to HTTP.
  4. D
    The policy redirects only HTTPS URLs containing ^/(.*)$ string to HTTPS.

Correct Answer:
A

Previous Questions Next Questions

All Pages