Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Fortinet NSE8_812 Exam - Topic 1 Question 8 Discussion

Actual exam question for Fortinet's NSE8_812 exam
Question #: 8
Topic #: 1
[All NSE8_812 Questions]

Refer to the exhibit.

An HTTPS access proxy is configured to demonstrate its function as a reverse proxy on behalf of the web server it is protecting. It verifies user identity, device identity, and trust context, before granting access to the protected source. It is assumed that the FortiGate EMS fabric connector has already been successfully connected.

You need to ensure that ZTNA access through the FortiGate will redirect users to the FortiAuthenticator to perform username/password and multifactor authentication to validate access prior to accessing resources behind the FortiGate.

In this scenario, which two further steps need to be taken on the FortiGate? (Choose two.)

Show Suggested Answer Hide Answer
Suggested Answer: A, D

To ensure that unnecessary multicast traffic is pruned from links that do not have a multicast listener, you must disable IGMP flood traffic on the ICL trunks and enable IGMP flood reports on the ISL and FortiLink trunks.

Disabling IGMP flood traffic will prevent the FortiSwitch units from flooding multicast traffic to all ports on the ICL trunks. This will help to reduce unnecessary multicast traffic on the network.

Enabling IGMP flood reports will allow the FortiSwitch units to learn which ports are interested in receiving multicast traffic. This will help the FortiSwitch units to prune multicast traffic from links that do not have a multicast listener.


by Nelida at Aug 06, 2023, 03:42 AM

Limited Time Offer

25%

Off

Get Premium NSE8_812 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Carisa
4 months ago
I’m not sure about the SAML method, isn't there a simpler way?
upvoted 0 times
...
Gerald
4 months ago
Totally agree with A and C!
upvoted 0 times
...
Beatriz
4 months ago
Wait, does this really require a firewall rule? Seems odd.
upvoted 0 times
...
Franklyn
5 months ago
I think B is also necessary, though.
upvoted 0 times
...
Celeste
5 months ago
A and C are the right steps!
upvoted 0 times
...
Monte
5 months ago
I’m leaning towards needing to create a firewall rule as well, but I’m not confident if it’s necessary for this scenario.
upvoted 0 times
...
Gerald
5 months ago
I feel like creating an authentication scheme with SAML is important, but I can't recall if it was specifically mentioned in our study materials.
upvoted 0 times
...
Dick
5 months ago
I remember practicing a similar question where we had to set up authentication rules, so maybe we need to create that rule for the sso-auth-method too?
upvoted 0 times
...
Kris
6 months ago
I think we need to create a SAML user/server object for the FortiAuthenticator, but I'm not entirely sure if that's the only step.
upvoted 0 times
...
Josefa
6 months ago
This question seems straightforward, but I want to make sure I understand all the potential reasons before selecting the answers.
upvoted 0 times
...
Roselle
6 months ago
I'm not entirely sure, but I think cloud-based simulators can really mimic various network conditions effectively, especially for mobile testing!
upvoted 0 times
...
Renay
6 months ago
I’m a bit confused—is financial systems and their regulation one of the areas? I feel like it should be, but I can't recall exactly.
upvoted 0 times
...
Katina
6 months ago
Okay, let me think this through. The question is asking specifically about the FASB framework, so I need to focus on the key concepts there. I believe the correct answer is A - a decrease in an asset from primary operations.
upvoted 0 times
...
Buddy
10 months ago
Haha, can you imagine if the answer was D? Just opening up access to the resources behind the FortiGate without any authentication? That would be a security nightmare!
upvoted 0 times
...
Luke
10 months ago
Yeah, I'd go with B and C too. Creating a SAML user/server object (A) seems unnecessary since the question states the FortiGate EMS fabric connector is already connected.
upvoted 0 times
Delbert
9 months ago
Definitely, setting up the authentication scheme with SAML is crucial for ZTNA access.
upvoted 0 times
...
Brittney
9 months ago
Creating an authentication rule with sso-auth-method to the FortiAuthenticator is essential.
upvoted 0 times
...
Roy
9 months ago
Agreed, creating a SAML user/server object seems unnecessary in this case.
upvoted 0 times
...
Carmelina
10 months ago
I think B and C are the correct steps to take.
upvoted 0 times
...
...
Madelyn
11 months ago
I agree with Vilma. The question is asking for two steps, and B and C seem to be the ones that address the requirement to redirect users to the FortiAuthenticator for authentication.
upvoted 0 times
Naomi
9 months ago
Yes, those steps will ensure ZTNA access through FortiGate redirects users to FortiAuthenticator for authentication.
upvoted 0 times
...
Lettie
9 months ago
I think creating a SAML user/server object and setting the sso-auth-method to FortiAuthenticator are the two steps required.
upvoted 0 times
...
Chaya
10 months ago
Agreed, B and C are the steps needed to redirect users to FortiAuthenticator for authentication.
upvoted 0 times
...
...
Vilma
11 months ago
Hmm, I think the correct answers are B and C. We need to create an authentication rule that sets the SSO auth method to the FortiAuthenticator and an authentication scheme with SAML as the method.
upvoted 0 times
Floyd
10 months ago
That's correct, those are the two further steps needed on the FortiGate.
upvoted 0 times
...
Chantell
10 months ago
Yes, and we also need to create an authentication scheme with SAML as the method.
upvoted 0 times
...
Tamra
10 months ago
I agree, we need to set the SSO auth method to the FortiAuthenticator.
upvoted 0 times
...
...
Veronika
11 months ago
I believe creating a firewall rule for remote endpoint access is also important.
upvoted 0 times
...
Nu
12 months ago
I agree with Susana. We also need to create an authentication rule for the FortiAuthenticator.
upvoted 0 times
...
Susana
12 months ago
I think we need to create a SAML user/server object on the FortiGate.
upvoted 0 times
...

Save Cancel