Prepare for Fortinet NSE 8 Written Exam with Reliable NSE8_812 Exam Dumps

1. Refer to the exhibit.

The exhibit shows a full-mesh topology between FortiGate and FortiSwitch devices.

To deploy this configuration, two requirements must be met:

- 20 Gbps full duplex connectivity is available between each FortiGate and the FortiSwitch devices

- The FortiGate HA must be in AP mode

Referring to the exhibit, what are two actions that will fulfill the requirements? (Choose two.)

2. You want to manage a FortiGate with the FortiCloud service. The FortiGate shows up in your list of devices on the FortiCloud Web site, but all management functions are either missing or grayed out.

Which statement is correct in this scenario?

3. Refer to the exhibit.

The exhibit shows the steps for creating a URL rewrite policy on a FortiWeb.

Which statement represents the purpose of this policy?

4. You are asked to add a FortiDDoS to the network to combat detected slow connection attacks such as Slowloris.

Which prevention mode on FortiDDoS will protect you against this specific type of attack?

5. You are building a FortiGate cluster which is stretched over two locations. The HA connections for the cluster are terminated on the local switches in the data centers. Once the FortiGate devices have booted, they do not form a cluster. The network operators inform you that CRC errors are present on the switches where the FortiGate devices are connected.

What should you do to solve this problem?

6. You want to access the JSON API on FortiManager to retrieve information on an object.

In this scenario, which two methods will satisfy the requirement? (Choose two.)

7. Refer to the exhibit.

You created a custom health-check for your FortiWeb deployment. Given the output shown in the exhibit, which statement is true?

8. Refer to the exhibit.

You created an aggregate interface between a FortiGate and a switch consisting of two 1 Gbps links as shown in the exhibit. However, the maximum bandwidth never exceeds 1 Gbps and employees are reporting that the network is slow. After troubleshooting, you notice that only one member interface is being used. The configuration for the aggregate interface is shown in the exhibit.

In this scenario, which command will solve this problem?

A)

B)

C)

D)

9. Refer to the exhibit.

A FortiGate device is configured to authenticate SSL VPN users using digital certificates. A partial FortiGate configuration is shown in the exhibit.

Referring to the exhibit, which two statements about this configuration are true? (Choose two.)

10. Consider the following FortiGate configuration:

Which command-line option for deep inspection SSL would have the FortiGate re-sign all untrusted self-signed certificates with the trusted Fortinet_CA_SSL certificate?

11. Refer to the exhibit.

A FortiGate is configured for a dial-up IPsec VPN to allow multiple remote FortiGate devices to connect to it. However, FortiGate A and B have problems connecting to the VPN. Only one of them can be connected at a time. If site B tries to connect while site A is connected, site A is disconnected. The IKE real-time debug shows the output in the exhibit when site A is disconnected.

Referring to the exhibit, which configuration setting should be executed in the dial-up configuration to allow both VPNs to be connected at the same time?

12. A customer wants to enable SYN flood mitigation in a FortiDDoS device. The FortiDDoS must reply with one SYN/ACK packet per SYN packet from a new source IP address.

Which SYN flood mitigation mode must the customer use?

13. Refer to the exhibit.

You configured AV and Web filtering for your outgoing Internet connections. You later notice that not all Web sessions are being inspected and you start troubleshooting the problem.

Referring to the exhibit, what can be causing this problem?

14. You are administering the FortiGate 5000 and FortiGate 7000 series products. You want to access the HTTPS GUI of the blade located in logical slot 3 of the secondary chassis in a high-availability cluster.

Which URL will accomplish this task?

15. Refer to the exhibit.

Given the configuration shown in the exhibit, which two statements are true? (Choose two.)

16. A customer wants to integrate their on-premise FortiGate with their Azure infrastructure.

Which two components must be in place to configure the Azure Fabric connector? (Choose two.)

17. You cannot ping the FortiGate default gateway 10.10.10.1 from the FortiGate CLI. The FortiGate interface facing the default gateway is wan1 and its IP address is 10.10.10.254/24. During the initial troubleshooting tests, you confirm that you can ping other IP addresses in the 10.10.10.0/24 subnet from the FortiGate CLI without packets lost.

Which two CLI commands will help you to troubleshoot this problem? (Choose two.)

18. An organization has one central site and three remote sites. A FortiSIEM has been installed on the central site and now all devices across the remote sites must be centrally monitored by the FortiSIEM at the central site.

Which action will reduce the WAN usage by the monitoring system?

19. A customer is looking for a way to remove javascripts, macros and hyperlinks from documents traversing the network without affecting the integrity of the content. You propose to use the Content disarm and reconstruction (CDR) feature of the FortiGate.

Which two considerations are valid to implement CDR in this scenario? (Choose two.)

20. Refer to the exhibit.

As shown in the exhibit, a FortiADC is load-balancing IPv4 traffic between two next-hop routers. The FortiADC does not know the IP addresses of the servers. Also, the FortiADC is doing Layer 7 content inspection and modification.

In this scenario, which application delivery control is configured in the FortiADC?