Virtual of NSE8 simulations materials and practice for Fortinet certification for examinee, Real Success Guaranteed with Updated NSE8 pdf dumps vce Materials. 100% PASS Fortinet Network Security Expert 8 Written Exam (801) exam Today!
Q1. Referring to the exhibit, users are reporting that their FortiFones ring but when they pick up, the cannot hear each other. The FortiFones use SIP to communicate with the SIP Proxy Server and RTP between the phones.
Which configuration change will resolve the problem?
A.
B.
C.
D.
Answer: C
Explanation:
References: http://docs.fortinet.com/uploaded/files/2813/fortigate-sip-54.pdf
Q2. You notice that your FortiGate’s memory usage is very high and that the unit’s performance is adversely affected. You want to reduce memory usage.
Which three commands would meet this requirement? (Choose three.)
A.
B.
C.
D.
E.
Answer: A,D,E
Q3. FortiGate1 has a gateway-to-gateway IPsec VPN to FortiGate2. The entire IKE negotiation between FortiGate1 and FortiGate2 is on UDP port 500. A PC on FortuGate2’s local area network is sending continuous ping requests over the VPN tunnel to a PC of FortiGate1’s local area network. No other traffic is sent over the tunnel.
Which statement is true on this scenario?
A. FortiGate1 sends an R-U-THERE packet every 300 seconds while ping traffic is flowing.
B. FortiGate1 sends an R-U-THERE packet if pings stop for 300 seconds and no IKE packet is received during this period.
C. FortiGate1 sends an R-U-THERE packet if pings stop for 60 seconds and no IKE packet is received during this period.
D. FortiGate1 sends an R-U-THERE packet every 60 seconds while ping traffic is flowing.
Answer: C
Explanation:
References: http://kb.fortinet.com/kb/documentLink.do?externalID=FD35337
Q4. A customer wants to implement a RADIUS Single Sign On (RSSO) solution for multiple FortiGate devices. The customer’s network already includes a RADIUS server that can generate the logon and logoff accounting records. However, the RADIUS server can send those records to only one destination.
What should the customer do to overcome this limitation?
A. Send the RADIUS records to an LDAP server and add the LDAP server to the FortiGate configuration.
B. Send the RADIUS records to an RSSO Collector Agent.
C. Send the RADIUS records to one of the FortiGate devices, which can replicate them to the other FortiGate units.
D. Use the RADIUS accounting proxy feature available in FortiAuthenticator devices.
Answer: B
Explanation:
References:
http://docs.fortinet.com/uploaded/files/1937/fortigate-authentication-52.pdf
Q5. Your company uses a cluster of two FortiGate 3600C units in active-passive mode to protect the corporate network. The FortiGate cluster sends its logs to a FortiAnalyzer and you have configured scheduled weekly reports for the Internet bandwidth usage of each corporate VLAN. During a scheduled maintenance window, you make a series of configuration changes. When the next FortiAnalyzer weekly report is generated, you notice that Internet bandwidth usage reported by the FortiAnalyzer is far less than expected.
What is the reason for this discrepancy?
A. You applied an antivirus profile on some of the policies, and no traffic can be accelerated.
B. You disabled all security profiles on some of the firewall policies, and the traffic matching those policies is now accelerated.
C. You enabled HA session-pickup, which is turn disabled session accounting.
D. You changed from active-passive to active-active, causing the session traffic counters to become inaccurate.
Answer: D
Explanation:
Because of Active/Active failover traffic segregate to boxes where it reduces the bandwidth utilization
Q6. Your marketing department uncompressed and executed a file that the whole department received using Skype.
Reviewing the exhibit, which two details do you determine from your initial analysis of the payload?
A. The payload contains strings that the malware is monitoring to harvest credentials.
B. This is a type of Trojan that will download and pirate movies using your Netflix credentials.
C. This type of threat of a DDoS attack using instant messaging to send e-mails to further spread the infection.
D. This threat payload is uploading private user videos which are then used to extort Bitcoin payments.
Answer: B
Q7. You verified that application control is working from previous configured categories. You just added Skype on blocked signatures. However, after applying the profile to your firewall policy, clients running Skype can still connect and use the application.
What are two causes of this problem? (Choose two.)
A. The application control database is not updated.
B. SSL inspection is not enabled.
C. A client on the network was already connected to the Skype network and serves as relay prior to configuration changes to block Skype
D. The FakeSkype.botnet signature is included on your application control sensor.
Answer: A,B
Q8. You are asked to write a FortiAnalyzer report that lists the session that has consumed the most bandwidth. You are required to include the source IP, destination IP, application, application category, hostname, and total bandwidth consumed.
Which dataset meets these requirements?
A. select from_itime(itime) as timestamp, srcip, dstip, app, appcat, hostname, sum(coalesce(‘sentbyte”, 0) +coalesce(‘recbyte “, 0)) as bandwidth from $log where $filter LIMIT 1
B. select from_itime(itime) as timestamp, srcip, dstip, app, appcat, hostname, sum(coalesce(‘sentbyte”, 0) +coalesce(‘recbyte“, 0)) as bandwidth from $log where $filter LIMIT 1
C. select from_itime(itime) as timestamp, srcip, dstip, app, appcat, hostname, sum(coalesce(‘sentbyte”, 0) +coalesce(‘rcvdbyte“, 0)) as bandwidth from $log where $filter LIMIT 1
D. select from_itime(itime) as timestamp, sourceip, destip, app, appcat, hostname, sum(coalesce(‘sentbyte’, 0)+coalesce(‘rcvdbyte“, 0)) as bandwidth from $log where $filter LIMIT 1
Answer: C
Explanation:
References:
http://docs.fortinet.com/uploaded/files/2617/fortianalyzer-5.2.4-dataset-reference.pdf