Nest 0 Cart
Nest Account
Popular Exams
All Categories...
Nest
Nest 0
Contact
Log In / Sign Up
Copyright 2024 © store. All rights reserved.
Home Fortinet NSE8_811

Fortinet NSE8_811 Exam Practice Questions (P. 5)

  • Full Access (60 questions)
  • Six months of Premium Access
  • Access to one million comments
  • Seamless ChatGPT Integration
  • Ability to download PDF files
  • Anki Flashcard files for revision
  • No Captcha & No AdSense
  • Advanced Exam Configuration
Get Contributor Access
Question #21
Refer to the exhibit.

You are trying to configure Link-Aggregation Group (LAG), but ports A and B do not appear on the list of member options.
Referring to the exhibit, which statement is correct in this situation?
  1. A
    The FortiGate interfaces are defective and require replacement.
  2. B
    The FortiGate model does not have an Integrated Switch Fabric (ISF).
  3. C
    The FortiGate model being used does not support LAG.
  4. D
    The FortiGate SFP+ slot does not have the correct module.

Correct Answer:
B

Question #22
You have deployed a FortiGate in NAT/Route mode as a Secure Web Gateway with a few IP-based authentication firewall policies. Your customer reports that some users now have different browsing permissions from what is expected. All these users are browsing using Internet Explorer through a Remote Desktop
Connection to a Terminal Server. When you look at the FortiGate logs, the username for the Terminal Server IP is not consistent.
Which action will correct this problem?
  1. A
    Change the FSSO Polling mode to Windows NetAPI.
  2. B
    Configure FSSO Advanced with LDAP integration.
  3. C
    Install the TS/Citrix agent on the terminal server.
  4. D
    Make sure the Terminal Server is using the correct DNS server.

Correct Answer:
C

Question #23
Refer to the exhibit.

While deploying a new FortiGate-VMX Security node, an administrator receives the error message shown in the exhibit.
In this scenario, which statement is correct?
  1. A
    The NSX Manager is not able to connect on the FortiGate Service Manager RestAPI service.
  2. B
    The vCenter is not able to locate the FortiGate-VMX OVF file.
  3. C
    The FortiGate Service Manager does not have the proper permission to register the FortiGate-VMX Service.
  4. D
    The vCenter cannot connect to the FortiGate Service Manager.

Correct Answer:
B

Question #24
A customer is experiencing problems with a legacy L3/L4 firewall device and the IPv6 SIP VoIP traffic. Their device is dropping SIP packets, consequently, it cannot process SIP voice calls.
Which solution will solve the customer's problem?
  1. A
    Replace their legacy device with a FortiGate and deploy a FortiVoice to extract information from the body of the IPv6 SIP packet.
  2. B
    Deploy a FortiVoice and enable IPv6 SIP.
  3. C
    Deploy a FortiVoice and enable an IPv6 SIP session helper.
  4. D
    Replace their legacy device with a FortiGate and configure it to extract information from the body of the IPv6 SIP packet.

Correct Answer:
A

Question #25
Refer to the exhibit.

A VPN IPsec is connecting the headquarters office (HQ) with a branch office (BO). OSPF is used to redistribute routes between the offices. After deployment, a server with IP address 10.10.10.35 located on the DMZ network of the BO FortiGate, was reported unreachable from hosts located on the LAN network of the same
FortiGate.
Referring to the exhibit, which statement is true?
  1. A
    The ICMP packets are being blocked by an implicit deny policy.
  2. B
    A directly connected subnet is being partially superseded by an OSPF redistributed subnet.
  3. C
    Enabling NAT on the VPN firewall policy will solve the problem.
  4. D
    The incoming access list should have an accept action instead of a deny action to solve the problem.

Correct Answer:
B

Previous Questions Next Questions

All Pages