لا تريد أن تفوت شيئا؟

نصائح اجتياز امتحان الشهادة

آخر أخبار الامتحانات ومعلومات الخصم

برعاية وحديثة من قبل خبرائنا

نعم، أرسل لي النشرة الإخبارية

خذ اختبارات أخرى عبر الإنترنت
السؤال #1
You want to enable traffic between 2001:db8:1::/64 and 2001:db8:2::/64 over the public IPv4 Internet. Given the CLI configuration shown in the exhibit, which two additional settings are required on this device to implement tunneling for the IPv6 transition? (Choose two.)
A. Pv4 firewall policies to allow traffic between the local and remote IPv6 subnets
B. Pv6 static route to the destination phase2 destination subnet
C. Pv4 static route to the destination phase2 destination subnet
D. Pv6 firewall policies to allow traffic between the local and remote IPv6 subnets
عرض الإجابة
اجابة صحيحة: BD
السؤال #2
You are creating the CLI script to be used on a new SD-WAN deployment You will have branches with a different number of internet connections and want to be sure there is no need to change the Performance SLA configuration in case more connections are added to the branch. The current configuration is: Which configuration do you use for the Performance SLA members?
A. set members any
B. set members 0
C. current configuration already fulfills the requirement
D. set members all
عرض الإجابة
اجابة صحيحة: B
السؤال #3
You are administering the FortiGate 5000 and FortiGate 7000 series products. You want to access the HTTPS GUI of the blade located in logical slot 3 of the secondary chassis in a high-availability cluster. Which URL will accomplish this task?
A. https://192
B. https://192
C. https://192
D. https://192
عرض الإجابة
اجابة صحيحة: B
السؤال #4
Refer to the exhibits. Exhibit A Exhibit B Exhibit C A customer is trying to set up a VPN with a FortiGate, but they do not have a backup of the configuration. Output during a troubleshooting session is shown in the exhibits A and B and a baseline VPN configuration is shown in Exhibit C Referring to the exhibits, which configuration will restore VPN connectivity? A) B) C) D)
A. Option A
B. Option B
C. Option Ccorrect
D. Option D
عرض الإجابة
اجابة صحيحة: C
السؤال #5
You want to access the JSON API on FortiManager to retrieve information on an object. In this scenario, which two methods will satisfy the requirement? (Choose two.)
A. Make a call with the Web browser on your workstation
B. Make a call with the SoapUl API tool on your workstation
C. Download the WSDL file from FortiManager administration GUcorrect
D. Make a call with the curl utility on your workstation
عرض الإجابة
اجابة صحيحة: C
السؤال #6
Refer to the exhibit. You have deployed a security fabric with three FortiGate devices as shown in the exhibit. FGT_2 has the following configuration: FGT_1 and FGT_3 are configured with the default setting. Which statement is true for the synchronization of fabric-objects?
A. Objects from the FortiGate FGT_2 will be synchronized to the upstream FortiGate
B. Objects from the root FortiGate will only be synchronized to FGT__2
C. Objects from the root FortiGate will not be synchronized to any downstream FortiGate
D. Objects from the root FortiGate will only be synchronized to FGT_3
عرض الإجابة
اجابة صحيحة: C
السؤال #7
A FortiGate device is configured to authenticate SSL VPN users using digital certificates. A partial FortiGate configuration is shown in the exhibit. Referring to the exhibit, which two statements about this configuration are true? (Choose two.)
A. The authentication will fail if the user certificate does not contain the user principal name (UPN) information
B. The authentication will fail if the user certificate does not contain the CA_Cert string in the CA field
C. The authentication will fail if the OCSP server is down
D. OCSP is used to verify that the user-signed certificate has not expired
عرض الإجابة
اجابة صحيحة: AC
السؤال #8
[Fortinet-NSE8-8.0/Fortinet-NSE8-5_2.png] A customer wants to secure the network shown in the exhibit with a full redundancy design. Which security design would you use?
A. Place a FortiGate FGCP Cluster between DD and AA, then connect it to SW1, SW2, SW3, and SW4
B. Place a FortiGate FGCP Cluster between BB and CC, then connect it to SW1, SW2, SW3, and SW4
C. Place a FortiGate FGCP Cluster between BB and AA, then connect it to SW1, SW2, SW3, and SW4
D. Place a FortiGate FGCP Cluster between DD and FF, then connect it to SW1, SW2, SW3, and SW4
عرض الإجابة
اجابة صحيحة: A
السؤال #9
You are investigating a problem related to FTP active mode. You use a test PC with IP address 10.100.60.5 to connect to the FTP server at 172.16.133.50 and transfer a large file. The FortiGate translates source address (SNAT) in network 10.100.60.0/24 to the IP address 172.16.133.1. Which two groups of CLI commands allow you to see information related to this FTP connection (Choose two.)
A.
B.
C.
D.
عرض الإجابة
اجابة صحيحة: AD
السؤال #10
A customer has the following requirements: - local peer with two Internet links - remote peer with one Internet link - secure traffic between the two peers - granular control with Accept policies Which solution provides security and redundancy for traffic between the two peers?
A. a fully redundant VPN with interface mode configuration
B. a partially redundant VPN with interface mode configuration
C. a partially redundant VPN with tunnel mode configuration
D. a fully redundant VPN with tunnel mode configuration
عرض الإجابة
اجابة صحيحة: B
السؤال #11
The output shown in the exhibit from FortiManager is displayed during an import of the device configuration. Which statement describes the correct action taken for these duplicate objects?
A. he import fails because of the duplicate entries detected which exist in the ADOM database
B. ortiManager installs these duplicate objects to the managed device from the ADOM database
C. ortiManager does not import these duplicate entries into the ADOM database because they already exist in the ADOM database
D. ortiManager creates indexed duplicate entries for these objects in the ADOM database
عرض الإجابة
اجابة صحيحة: B
السؤال #12
An administrator reports continuous high CPU utilization on a FortiGate device due to the IPS engine. Consider the global IPS configuration shown below. Which two configuration actions will reduce the CPU usage? (Choose two.)
A. educe the number of packets being logged
B. ncrease engine-count to 2
C. nable intelligent mode
D. isable fail open
عرض الإجابة
اجابة صحيحة: AC
السؤال #13
The FortiGate is an IPsec VPN hub. A VPN spoke protecting subnet 192.168.222.0/24 has successfully brought up a tunnel with the FortiGate. This remote network is present in the FortiGate routing table as shown in the exhibit. [Fortinet-NSE8-8.0/Fortinet-NSE8-4_2.png] Which statement is true?
A. This subnet was learned during quick-mode negotiation and was dynamically injected into the routing table
B. The FortiGate administrator configured this subnet as a locally connected subnet on the BranchOffice phase1 interface
C. The route in the exhibit is bound to “BranchOffice_0” which is a tunnel other than “BranchOffice”
D. The FortiGate administrator configured a static route for 192
عرض الإجابة
اجابة صحيحة: B
السؤال #14
Refer to the exhibit. [Fortinet-NSE8-811-1.0/xmlfile-4_1.png] The exhibit shows the steps for creating a URL rewrite policy on a FortiWeb. Which statement represents the purpose of this policy?
A. The policy redirects all HTTPS URLs to HTTP
B. The policy redirects all HTTP URLs to HTTPS
C. The policy redirects only HTTP URLs containing the ^/(
D. The policy redirects only HTTPS URLs containing the ^/(
عرض الإجابة
اجابة صحيحة: B
السؤال #15
You deploy a FortiGate device in a remote office based on the requirements shown below. -- Due to company's security policy, management IP of your FortiGate is not allowed to access the Internet. -- Apply Web Filtering, Antivirus, IPS and Application control to the protected subnet. -- Be managed by a central FortiManager in the head office. Which action will help to achieve the requirements?
A. Configure a default route and make sure that the FortiGate device can pmg to service fortiguard net
B. Configure the FortiGuard override server and use the IP address of the FortiManagercorrect
C. Configure the FortiGuard override server and use the IP address of service, fortiguard net
D. Configure FortiGate to use FortiGuard Filtering Port 8888
عرض الإجابة
اجابة صحيحة: B
السؤال #16
Which two methods are supported for importing user defined Lookup Table Data into the FortiSIEM? (Choose two.)
A. Reportcorrect
B. FTP
C. APIcorrect
D. SCP
عرض الإجابة
اجابة صحيحة: AC
السؤال #17
FortiMail is configured with the protected domain "internal.lab". Which two envelope addresses will need an access control rule to relay e-mail sent for unauthenticated users? (Choose two.)
A. AIL FROM:[email?protected]; RCPT TO:[email?protected]
B. AIL FROM:[email?protected]; RCPT TO:[email?protected]
C. AIL FROM:[email?protected]; RCPT TO:[email?protected]
D. AIL FROM:[email?protected]; RCPT TO:[email?protected]
عرض الإجابة
اجابة صحيحة: BC
السؤال #18
Which VPN protocol is supported by FortiGate units?
A. -LAN
B. PTP
C. MVPN
D. penVPN
عرض الإجابة
اجابة صحيحة: BC
السؤال #19
You have received an issue report about users not being able to use a video conferencing application. This application uses two UDP ports and two TCP ports to communicate with servers on the Internet. The network engineering team has confirmed there is no routing problem. You are given a copy of the FortiGate configuration. Which three configuration objects will you inspect to ensure that no policy is blocking this traffic? (Choose three.)
A. config firewall interface-policy
B. config firewall DoS-policy
C. config firewall policy
D. config firewall multicast-policy
E. config firewall sniffer-policy
عرض الإجابة
اجابة صحيحة: BCE
السؤال #20
A company has just deployed a new FortiMail in gateway mode. The administrator is asked to strengthen e-mail protection by applying the policies shown below. - E-mails can only be accepted if a valid e-mail account exists. - Only authenticated users can send e-mails out Which two actions will satisfy the requirements? (Choose two. )
A. Configure recipient address verification
B. Configure inbound recipient policies
C. Configure outbound recipient policies
D. Configure access control rules
عرض الإجابة
اجابة صحيحة: AD
السؤال #21
Click the Exhibit button. The exhibit shows the steps for creating a URL rewrite policy on a FortiWeb. Which statement represents the purpose of this policy? [Fortinet-NSE8-810-1.0/xmlfile-16_1.jpg]
A. The policy redirects all HTTP URLs to HTTPS
B. The policy redirects all HTTPS URLs to HTTP
C. The policy redirects only HTTPS URLs containing ^/(
D. The policy redirects only HTTPS URLs containing ^/(
عرض الإجابة
اجابة صحيحة: A
السؤال #22
Refer to the exhibit. You configured an IPsec tunnel to a branch office. Now you want to make sure that the encryption of the tunnel is offloaded to hardware. Referring to the exhibit, which statement is true?
A. utgoing traffic is offloaded; you cannot determine if incoming traffic is offloaded at this time
B. utgoing traffic is offloaded; incoming traffic not offloaded
C. ncoming and outgoing traffic is offloaded
D. raffic is not offloaded
عرض الإجابة
اجابة صحيحة: B
السؤال #23
Refer to the exhibit. FortiManager is configured with the Jinja Script under CLI Templates shown in the exhibit. Which two statements correctly describe the expected behavior when running this template? (Choose two.)
A. The Jinja template will automatically map the interface with “WAN” role on the managed FortiGate
B. The template will work if you change the variable format to $(WAN)
C. The template will work if you change the variable format to {{ WAN }}
D. The administrator must first manually map the interface for each device with a meta field
E. The template will fail because this configuration can only be applied with a CLI or TCL script
عرض الإجابة
اجابة صحيحة: CD
السؤال #24
The SECOPS team in your company has started a new project to store all logging data in a disaster recovery center. All FortiGates will log to a secondary FortiAnalyzer and establish a TCP session to send logs to the syslog server. Which two configurations will achieve this goal? (Choose two.)
A.
B.
C.
D.
عرض الإجابة
اجابة صحيحة: AC
السؤال #25
Click the Exhibit button. Referring to the exhibit, which two statements are true? (Choose two.)
A. port13 and port14 on FS448D-A should be connected to port13 and port14 on FS448D-B
B. LAG-1 and LAG-2 should be connected to a single 4-port 802
C. LAG-3 on switches on FS448D-A and FS448D-B may be connected to a single 802
D. LAG-1 and LAG-2 should be connected to a 4-port single 802
عرض الإجابة
اجابة صحيحة: BC
السؤال #26
Refer to the exhibit. You are deploying a FortiGate 6000F. The device should be directly connected to a switch. In the future, a new hardware module providing higher speed will be installed in the switch, and the connection to the FortiGate must be moved to this higher-speed port. You must ensure that the initial FortiGate interface connected to the switch does not affect any other port when the new module is installed and the new port speed is defined. How should the initial connection be made?
A. Connect the switch on any interface between ports 21 to 24
B. Connect the switch on any interface between ports 25 to 28
C. Connect the switch on any interface between ports 1 to 4correct
D. Connect the switch on any interface between ports 5 to 8
عرض الإجابة
اجابة صحيحة: C
السؤال #27
Click the Exhibit button. Referring to the exhibit, which two statements are true about local authentication? (Choose two.)
A. The user will be blocked 15 seconds after five login failures
B. When a ClientHello message indicating a renegotiation is received, the FortiGate will allow the TCP connection
C. The user's IP address will be blocked 15 seconds after five login failures
D. After five minutes, the user will need to re-authenticate
عرض الإجابة
اجابة صحيحة: CD
السؤال #28
Click the Exhibit button. You are working on an entry level model FortiGate that has been configured in flow-based inspection mode with various settings optimized for performance. It default. Your customer has found that some virus samples are not being appears that the main Internet firewall policy is using the antivirus profile labelled caught by the FortiGate. Referring to the exhibit, what is causing the problem? set default-db configuration was set to extreme.
A. The set options scan configuration items should have been changed to set options scan avmonitor
B. The
C. The default AV profile was modified to use quick scan-mode
D. The
عرض الإجابة
اجابة صحيحة: C
السؤال #29
Given the configuration shown in the exhibit, which two statements are true? (Choose two.)
A. LAG-3 on switches on FS448D-A and FS448D-B may be connected to a single 802
B. LAG-1 and LAG-2 should be connected to a 4-port single 802
C. port13 and port14 on FS448D-A should be connected to port13 and port14 on FS448D-correct
D. LAG-1 and LAG-2 should be connected to a single 4-port 802
عرض الإجابة
اجابة صحيحة: AC
السؤال #30
Your colleague has enabled virtual clustering to load balance traffic between the cluster units. You notice that all traffic is currently directed to a single FortiGate unit. Your colleague has applied the configuration shown in the exhibit. [Fortinet-NSE8-8.0/Fortinet-NSE8-2_2.png] Which step would you perform to load balance traffic within the virtual cluster?
A. Issue the diagnose sys ha reset-uptime command on the unit that is currently processing traffic to enable load balancing
B. Add an additional virtual cluster high-availability link to enable cluster load balancing
C. Input Virtual Cluster domain 1 and Virtual Cluster domain 2 device priorities for each cluster unit
D. Use the set override enable command on both units to allow the secondary unit to load balance traffic
عرض الإجابة
اجابة صحيحة: C

View The Updated Fortinet Exam Questions

SPOTO Provides 100% Real Fortinet Exam Questions for You to Pass Your Fortinet Exam!

Get Fortinet Practice Test

عرض الإجابات بعد التقديم

يرجى إرسال البريد الإلكتروني الخاص بك والواتس اب للحصول على إجابات الأسئلة.

ملحوظة: يرجى التأكد من صلاحية معرف البريد الإلكتروني وWhatsApp حتى تتمكن من الحصول على نتائج الاختبار الصحيحة.

بريد إلكتروني:
رقم الواتس اب/الهاتف:


Copyright © 2024. Designer by SPOTO Official Website. All Rights Reserved.