Download Fortinet Network Security Expert 8 Written Exam (NSE8 810 - FortiOS 5.6).NSE8_810.PracticeTest.2018-11-20.27q.vcex

Vendor: Fortinet
Exam Code: NSE8_810
Exam Name: Fortinet Network Security Expert 8 Written Exam (NSE8 810 - FortiOS 5.6)
Date: Nov 20, 2018
File Size: 3 MB
Download Exam

How to open VCEX files?

Files with VCEX extension can be opened by ProfExam Simulator.

Download
ProfExam Simulator

Purchase
Coupon: EXAM_HUB

Discount: 20%

ProfExam Simulator ProfExam Simulator ProfExam Simulator ProfExam Simulator ProfExam Simulator

Demo Questions

Question 1
Click the Exhibit button.  
  
Your company has two data centers (DC) connected using a Layer 3 network. Servers in farm A need to connect to servers in farm B as though they all were in the same Layer 2 segment. What would be configured on the FortiGates on each DC to allow such connectivity?
  1. Create an IPsec tunnel with transport-mode encapsulation.
  2. Create an IPsec tunnel with tunnel-mode encapsulation.
  3. Create an IPsec tunnel with VXLAN encapsulation.
  4. Create an IPsec tunnel with VLAN encapsulation.
Correct answer: C
Question 2
You want to access the JSON API on FortiManager to retrieve information on an object.  
In this scenario, which two methods will satisfy the requirement? (Choose two.)
  1. Make a call with the Web browser on your workstation.
  2. Make a call with the SoapUPI API tool on your workstation.
  3. Download the WSDL file from FortiManager administration GUI.
  4. Make a call with the curl utility on your workstation.
Correct answer: CD
Question 3
Click the Exhibit button. The exhibit shows the steps for creating a URL rewrite policy on a FortiWeb. Which statement represents the purpose of this policy?  
  
  1. The policy redirects all HTTP URLs to HTTPS.
  2. The policy redirects all HTTPS URLs to HTTP.
  3. The policy redirects only HTTPS URLs containing ^/(.*)$ string to HTTP.
  4. The policy redirects only HTTPS URLs containing ^/(.*)$ string to HTTPS.
Correct answer: A
Question 4
You want to manage a FortiGate with the FortiCloud service.  
The FortiGate shows up in your list of devices on the FortiGate Web Site, but all management functions are either missing or grayed out. Which statement is correct in this scenario?
  1. The managed FortiGate is running a version of FortiOS that is either too new or too old for FortiCloud.
  2. The managed FortiGate requires that a FortiCloud management license be purchased and applied.
  3. You must manually configure system central-management on the FortiGate CLI and set the management type to fortiguard.
  4. The management tunnel mode on the managed FortiGate must be changed to normal.
Correct answer: C
Question 5
FortiMail is configured with the protected domain “internal.lab”.  
Which two envelope addresses will need an access control rule to relay e-mail sent for unauthenticated users? (Choose two.)
  4. MAIL FROM: student@ internal.lab;RCPT TO;[email protected]
Correct answer: BC
Question 6
You deploy a FortiGate device in a remote office based on the requirements shown below.  
  • Due to company’s security policy, management IP of your FortiGate is not allowed to access the Internet.  
  • Apply Web Filtering, AntiVirus, IPS and Application control to the protected subnet.  
  • Be managed by a central FortiManager on the head office.  
Which action will help to achieve the requirements?
  1. Configure a default route and make sure that the FortiGate device can ping to service.fortiguard.net
  2. Configure the FortiGuard override server and use the IP address of the FortiManager.
  3. Configure the FortiGuard override server and use the IP address of service.fortiguard.net.
  4. Configure FortiGuard to use FortiGuard Filtering Port 8888.
Correct answer: B
Question 7
Click the Exhibit button.  
  
You log into FortiManager, look at the Device Manager window and notice that one of your managed devices is not in normal status.  
Referring to the exhibit, which two statements correctly describe the affected device’s status and result? (Choose two.)
  1. The device configuration was changed on the local FortiGate side only; auto-update is disabled.
  2. The device configuration was changed on both the local FortiGate side and the FortiManager side; auto-update is disabled.
  3. The changed configuration on the FortiGate will remain the next time that the device configuration is pushed form FortiManager.
  4. The changed configuration on the FortiGate will be overwritten in favor of what is on the FortiManager the next time that the device configuration is pushed.
Correct answer: BD
Question 8
A FortiOS device is used for termination of VPNs for a number of remote spoke VPN units (designated Group A spokes) using a phase 1 main mode dial-up tunnel using pre-shared keys. Your company recently acquired another organization. You are asked to establish VPN connectivity for the newly acquired organization’s sites for which new devices will be provisioned (designated Group B spokes). Both existing (Group A) and new (Group B) spoke units are dynamically addressed. You are asked to ensure that spokes from the acquired organization (Group B) have different access permissions that your existing VPN spokes units (Group A). 
Which two solutions meet the requirements for the new spoke group? (Choose two.)
  1. Implement a new phase 1 dial-up main mode tunnel with preshared keys and XAuth. Use identity policies to filter traffic.
  2. Implement a new phase 1 dial-up main mode tunnel with a different pre-shared key than Group A spokes. Use standard policies to filter traffic for the new dial-up tunnel.
  3. Implement a new phase 1 dial-up main mode tunnel with certificate authentication. Use standard policies to filter traffic for the new dial-up tunnel.
  4. Implement separate phase 1 dial-up aggressive mode tunnels with a distinct peer ID. Use standard policies to filter traffic for the new dial-up tunnel.
Correct answer: AB
Question 9
Click the exhibit.  
You created an aggregate interface between your FortiGate and a switch consisting of two 1 Gbps links as shown in the exhibit. However, the maximum bandwidth never exceeds. 1 Gbps and employees are complaining that the network is slow. After troubleshooting, you notice only one member interface is being used. The configuration for the aggregate interface is shown in the exhibit.  
In this scenario, which command will solve this problem?  
  
  1. config system interface
    edit Agg1
    set min-links 2
    end
  2. config system interface
    edit Agg1
    set weight 2
    end
  3. config system interface
    edit Agg1
    set Algorithm L4
    end
  4. config system interface
    edit Agg1
    set lacp-mode active
    end
Correct answer: A
Question 10
Refer to the Exhibit button.  
You need to run a script in FortiManager against managed FortiGate devices in your organization to install a configuration for a new static route. Which two scripts will successfully configure the static route on the managed device? (Choose two.) 
  
  1. Script 1
  2. Script 2
  3. Script 3
  4. Script 4
Correct answer: BC
CONNECT US
HOW TO OPEN VCE FILES

Use VCE Exam Simulator to open VCE files
Avanaset

HOW TO OPEN VCEX AND EXAM FILES

Use ProfExam Simulator to open VCEX and EXAM files
ProfExam Screen

ProfExam
ProfExam at a 20% markdown

You have the opportunity to purchase ProfExam at a 20% reduced price

Get Now!