
Pass the Fortinet Fortinet Network Security Expert NSE8_812 Questions and answers with CertsForce

Viewing page 3 out of 4 pages
Viewing questions 21-30 out of questions
Questions # 21:

Refer to the exhibit showing a FortiEDR configuration.

Based on the exhibit, which statement is correct?

Options:

A. The presence of a cryptolocker malware at rest on the filesystem will be detected by the Ransomware Prevention security policy.
B. FortiEDR Collector will not collect OS Metadata.
C. If a malicious file is executed and attempts to establish a connection it will generate duplicate events.
D. If an unresolved file rule is triggered, by default the file is logged but not blocked.


Questions # 22:

An administrator has configured a FortiGate device to authenticate SSL VPN users using digital certificates. A FortiAuthenticator is the certificate authority (CA) and the Online Certificate Status Protocol (OCSP) server.

Part of the FortiGate configuration is shown below:

Based on this configuration, which two statements are true? (Choose two.)

Options:

A. OCSP checks will always go to the configured FortiAuthenticator.
B. The OCSP check of the certificate can be combined with a certificate revocation list.
C. OCSP certificate responses are never cached by the FortiGate.
D. If the OCSP server is unreachable, authentication will succeed if the certificate matches the CA.


Questions # 23:

Refer to the exhibits.

You are configuring a Let's Encrypt certificate to enable SSL protection for your website. When FortiWeb tries to retrieve the certificate, you receive a failed certificate status, as shown below.

Based on the Server Policy settings shown in the exhibit, which two configuration changes will resolve this issue? (Choose two.)

Options:

A. Disable Redirect HTTP to HTTPS in the Server Policy.
B. Remove the Web Protection Profile from this Server Policy.
C. Enable HTTP service in the Server Policy.
D. Configure a TXT record of the domain and point to the IP address of the Virtual Server.


Questions # 24:

Refer to the exhibit.

A customer has deployed a FortiGate 200F high-availability (HA) cluster that contains a TPM chip. The exhibit shows output from the FortiGate CLI session where the administrator enabled TPM.

Following these actions, the administrator immediately notices that both FortiGate high availability (HA) status and FortiManager status for the FortiGate are negatively impacted.

What are the two reasons for this behavior? (Choose two.)

Options:

A. The private-data-encryption key entered on the primary did not match the value that the TPM expected.
B. Configuration for TPM is not synchronized between FortiGate HA cluster members.
C. The FortiGate has not finished the auto-update process to synchronize the new configuration to FortiManager yet.
D. TPM functionality is not yet compatible with FortiGate HA.
E. The administrator needs to manually enter the hex private data encryption key in FortiManager.


Questions # 25:

Refer to the exhibit showing a firewall policy configuration.

To prevent unauthorized access of their cloud assets, an administrator wants to enforce authentication on firewall policy ID 1.

What change does the administrator need to make?

Options:

A. Option A
B. Option B
C. Option C
D. Option D


Questions # 26:

Refer to the exhibit.

The Company Corp administrator has enabled Workflow mode in FortiManager and has assigned approval roles to the current administrators. However, workflow approval does not function as expected. The CTO is currently unable to approve submitted changes.

Given the exhibit, which two possible solutions will resolve the workflow approval problems with the Workflow_72 ADOM? (Choose two.)

Options:

A. The CTO must have a defined email address for their admin user account.
B. The CTO and CISO need to swap Approval Groups so that the highest authority is in Group #1.
C. The CTO must have Standard access level or higher for FortiManager.
D. The CISO must have a higher access level than "Read_Only_User" in FortiManager.
E. The CTO needs to be added to "Email Notification" in the Workflow_72 ADOM.


Questions # 27:

A FortiGate is configured to perform outbound firewall authentication with Azure AD as a SAML IdP.

What are two valid interactions that occur when the client attempts to access the internet? (Choose two.)

Options:

A. FortiGate SP sends a SAML request to the IdP.
B. The Microsoft SAML IdP sends the SAML response to the FortiGate SP.
C. The client browser forwards the SAML response received from Microsoft SAML IdP to the FortiGate SP.
D. FortiGate SP redirects the client browser to the local captive portal and then redirects to the Microsoft SAML IdP.


Questions # 28:

Refer to the exhibit.

The exhibit shows the forensics analysis of an event detected by the FortiEDR core.

In this scenario, which statement is correct regarding the threat?

Options:

A. This is an exfiltration attack and has been stopped by FortiEDR.
B. This is an exfiltration attack and has not been stopped by FortiEDR.
C. This is a ransomware attack and has not been stopped by FortiEDR.
D. This is a ransomware attack and has been stopped by FortiEDR.


Questions # 29:

Refer to the exhibit containing the configuration snippets from the FortiGate.

Customer requirements:

• SSLVPN Portal must be accessible on standard HTTPS port (TCP/443)
• Public IP address (129.11.1.100) is assigned to port1
• Datacenter.acmecorp.com resolves to the public IP address assigned to port1

The customer has a Let's Encrypt certificate that is going to expire soon and it reports that subsequent attempts to renew that certificate are failing.

Reviewing the requirement and the exhibit, which configuration change below will resolve this issue?

Options:

A. Option A
B. Option B
C. Option C
D. Option D


Questions # 30:

Refer to the exhibits, which show a network topology and VPN configuration.

A network administrator has been tasked with modifying the existing dial-up IPsec VPN infrastructure to detect the path quality to the remote endpoints.

After applying the configuration shown in the configuration exhibit, the VPN clients can still connect and access the protected 172.16.205.0/24 network, but no SLA information shows up for the client tunnels when issuing the diagnose sys link-monitor tunnel all command on the FortiGate CLI.

What is wrong with the configuration?

Options:

A. SLA link monitoring does not work with the net-device setting.
B. The admin needs to disable the mode-cfg setting.
C. IPsec Phase1 Interface has to be configured in IPsec main mode.
D. It is necessary to use the IKEv2 protocol in this situation.

