It is more faster and easier to pass the Fortinet NSE8 exam by using Breathing Fortinet Fortinet Network Security Expert 8 Written Exam (801) questuins and answers. Immediate access to the Leading NSE8 Exam and find the same core area NSE8 questions with professionally verified answers, then PASS your exam with a high score now.
Q41. Referring to the exhibit, you want to know if aggregating port7 and port22 will work. Which statement is correct?
A. Yes, LACP is supported on all ports regardless if they are connected to the same NP6.
B. No, LACP is not supported on NP6 platforms.
C. No, LACP is only supported on ports connected to the same NP6.
D. Yes, LACP is supported on ports that are linked together with integrated Switch Fabric.
Answer: C
Explanation:
References:
http://help.fortinet.com/fos50hlp/54/Content/FortiOS/fortigate-hardware-acceleration- 52/NP6.htm
Q42. The SECOPS team in your company has started a new project to store all logging data in a disaster recovery center. All FortiGates will log to a secondary FortiAnalyzer and establish a TCP session to send logs to the syslog server.
Which two configurations will achieve this goal? (Choose two.)
A.
B.
C.
D.
Answer: A,C
Explanation:
https://forum.fortinet.com/tm.aspx?m=122848
Q43. You are installing a new FortiAP as shown in the exhibit, however, the FortiAP cannot discover the FortiGate. The FortiAP obtained an IP from the DHCP server and is reachable.
Which two configurations will resolve the problem? (Choose two.)
A.
B.
C.
D.
Answer: B,D
Explanation:
https://forum.fortinet.com/tm.aspx?m=112739
Q44. Which Fortinet product is used for antispam protection?
A. FortiSwitch
B. FortiGate
C. FortiWeb
D. FortiDB
Answer: B
Q45. Referring to the exhibit, you want to know if aggregating port7 and port22 will work. Which statement is correct?
A. Yes, LACP is supported on all ports regardless if they are connected to the same NP6.
B. No, LACP is not supported on NP6 platforms.
C. No, LACP is only supported on ports connected to the same NP6.
D. Yes, LACP is supported on ports that are linked together with integrated Switch Fabric.
Answer: C
Explanation:
References:
http://help.fortinet.com/fos50hlp/54/Content/FortiOS/fortigate-hardware-acceleration- 52/NP6.htm
Q46. Which VPN protocol is supported by FortiGate units?
A. E-LAN
B. PPTP
C. DMVPN
D. OpenVPN
Answer: B,C
Q47. A café offers free Wi-Fi. Customers’ portable electronic devices often do not have antivirus software installed and may be hosting worms without their knowledge. You must protect all customers from any other customers’ infected devices that join the same SSID.
Which step meets the requirement?
A. Enable deep SSH inspection with antivirus and IPS.
B. Use a captive portal to redirect unsecured connections such as HTTP and SMTP to their secured equivalents, preventing worms on infected clients from tampering with other customer traffic.
C. Use WPA2 encryption and configure a policy on FortiGate to block all traffic between clients.
D. Use WPA2 encryption, and enable “Block Intra-SSID Traffic”.
Answer: B
Q48. The dashboard widget indicates that FortiGuard Web Filtering is not reachable. However, AntiVirus, IPS, and Application Control have no problems as shown in the exhibit.
You contacted Fortinet’s customer service and discovered that your FortiGuard Web Filtering contract is still valid for several months.
What are two reasons for this problem? (Choose two.)
A. You have another security device in front of FortiGate blocking ports 8888 and 53.
B. FortiGuard Web Filtering is not enabled in any firewall policy.
C. You did not enable Web Filtering cache under Web Filtering and E-mail Filtering Options.
D. You have a firewall policy blocking ports 8888 and 53.
Answer: B,D
Explanation:
If Web filtering shows unreachable then we have to verify, whether web filtering enabled in security policies or not.
Web filtering enabled in a policy but the port 8888 and 53 are not selected, means the policy blocking the ports.
References: