Fortinet NSE8_811 - Fortinet NSE 8 Written Exam Exam
Page: 2 / 12
Total 60 questions
Question #6 (Topic: Topic 1)
You want to access the JSON API on FortiManager to retrieve information on an object.
In this scenario, which two methods will satisfy the requirement? (Choose two.)
In this scenario, which two methods will satisfy the requirement? (Choose two.)
A. Download the WSDL file from FortiManager administration GUI.
B. Make a call with the curl utility on your workstation.
C. Make a call with the SoapUI API tool on your workstation.
D. Make a call with the Web browser on your workstation.
Answer: AC
Question #7 (Topic: Topic 1)
Refer to the exhibit.
[Fortinet-NSE8-811-1.0/xmlfile-7_1.png]
You created a custom health-check for your FortiWeb deployment.
Given the output shown in the exhibit, which statement is true?
[Fortinet-NSE8-811-1.0/xmlfile-7_1.png]
You created a custom health-check for your FortiWeb deployment.
Given the output shown in the exhibit, which statement is true?
A. The FortiWeb must receive an RST packet from the server.
B. The FortiWeb must receive an HTTP 200 response code from the server.
C. The FortiWeb must match the hash value of the page index.html.
D. The FortiWeb must receive an ICMP Echo Request from the server.
Answer: B
Question #8 (Topic: Topic 1)
Refer to the exhibit.
[Fortinet-NSE8-811-1.0/xmlfile-8_1.png]
You created an aggregate interface between a FortiGate and a switch consisting of two 1 Gbps links as shown in the exhibit. However, the maximum bandwidth
never exceeds 1 Gbps and employees are reporting that the network is slow. After troubleshooting, you notice that only one member interface is being used. The
configuration for the aggregate interface is shown in the exhibit.
In this scenario, which command will solve this problem?
A.
[Fortinet-NSE8-811-1.0/xmlfile-8_2.png]
B.
[Fortinet-NSE8-811-1.0/xmlfile-9_1.png]
C.
[Fortinet-NSE8-811-1.0/xmlfile-9_2.png]
D.
[Fortinet-NSE8-811-1.0/xmlfile-9_3.png]
[Fortinet-NSE8-811-1.0/xmlfile-8_1.png]
You created an aggregate interface between a FortiGate and a switch consisting of two 1 Gbps links as shown in the exhibit. However, the maximum bandwidth
never exceeds 1 Gbps and employees are reporting that the network is slow. After troubleshooting, you notice that only one member interface is being used. The
configuration for the aggregate interface is shown in the exhibit.
In this scenario, which command will solve this problem?
A.
[Fortinet-NSE8-811-1.0/xmlfile-8_2.png]
B.
[Fortinet-NSE8-811-1.0/xmlfile-9_1.png]
C.
[Fortinet-NSE8-811-1.0/xmlfile-9_2.png]
D.
[Fortinet-NSE8-811-1.0/xmlfile-9_3.png]
Answer: A
Question #9 (Topic: Topic 1)
Refer to the exhibit.
[Fortinet-NSE8-811-1.0/xmlfile-10_1.png]
A FortiGate device is configured to authenticate SSL VPN users using digital certificates. A partial FortiGate configuration is shown in the exhibit.
Referring to the exhibit, which two statements about this configuration are true? (Choose two.)
[Fortinet-NSE8-811-1.0/xmlfile-10_1.png]
A FortiGate device is configured to authenticate SSL VPN users using digital certificates. A partial FortiGate configuration is shown in the exhibit.
Referring to the exhibit, which two statements about this configuration are true? (Choose two.)
A. The authentication will fail if the user certificate does not contain the user principal name (UPN) information.
B. The authentication will fail if the user certificate does not contain the CA_Cert string in the CA field.
C. The authentication will fail if the OCSP server is down.
D. OCSP is used to verify that the user-signed certificate has not expired.
Answer: AC
Question #10 (Topic: Topic 1)
Consider the following FortiGate configuration:
[Fortinet-NSE8-811-1.0/xmlfile-11_1.png]
Which command-line option for deep inspection SSL would have the FortiGate re-sign all untrusted self-signed certificates with the trusted Fortinet_CA_SSL
certificate?
[Fortinet-NSE8-811-1.0/xmlfile-11_1.png]
Which command-line option for deep inspection SSL would have the FortiGate re-sign all untrusted self-signed certificates with the trusted Fortinet_CA_SSL
certificate?
A. block
B. inspect
C. allow
D. ignore
Answer: D
