Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Fortinet Exam NSE8_812 Topic 1 Question 8 Discussion

Actual exam question for Fortinet's NSE8_812 exam
Question #: 8
Topic #: 1
[All NSE8_812 Questions]

Refer to the exhibit.

An HTTPS access proxy is configured to demonstrate its function as a reverse proxy on behalf of the web server it is protecting. It verifies user identity, device identity, and trust context, before granting access to the protected source. It is assumed that the FortiGate EMS fabric connector has already been successfully connected.

You need to ensure that ZTNA access through the FortiGate will redirect users to the FortiAuthenticator to perform username/password and multifactor authentication to validate access prior to accessing resources behind the FortiGate.

In this scenario, which two further steps need to be taken on the FortiGate? (Choose two.)

Show Suggested Answer Hide Answer
Suggested Answer: A, D

To ensure that unnecessary multicast traffic is pruned from links that do not have a multicast listener, you must disable IGMP flood traffic on the ICL trunks and enable IGMP flood reports on the ISL and FortiLink trunks.

Disabling IGMP flood traffic will prevent the FortiSwitch units from flooding multicast traffic to all ports on the ICL trunks. This will help to reduce unnecessary multicast traffic on the network.

Enabling IGMP flood reports will allow the FortiSwitch units to learn which ports are interested in receiving multicast traffic. This will help the FortiSwitch units to prune multicast traffic from links that do not have a multicast listener.


by Nelida at Aug 06, 2023, 03:42 AM

Limited Time Offer

25%

Off

Get Premium NSE8_812 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Buddy
30 days ago
Haha, can you imagine if the answer was D? Just opening up access to the resources behind the FortiGate without any authentication? That would be a security nightmare!
upvoted 0 times
...
Luke
1 months ago
Yeah, I'd go with B and C too. Creating a SAML user/server object (A) seems unnecessary since the question states the FortiGate EMS fabric connector is already connected.
upvoted 0 times
Delbert
21 hours ago
Definitely, setting up the authentication scheme with SAML is crucial for ZTNA access.
upvoted 0 times
...
Brittney
5 days ago
Creating an authentication rule with sso-auth-method to the FortiAuthenticator is essential.
upvoted 0 times
...
Roy
9 days ago
Agreed, creating a SAML user/server object seems unnecessary in this case.
upvoted 0 times
...
Carmelina
17 days ago
I think B and C are the correct steps to take.
upvoted 0 times
...
...
Madelyn
1 months ago
I agree with Vilma. The question is asking for two steps, and B and C seem to be the ones that address the requirement to redirect users to the FortiAuthenticator for authentication.
upvoted 0 times
Naomi
8 days ago
Yes, those steps will ensure ZTNA access through FortiGate redirects users to FortiAuthenticator for authentication.
upvoted 0 times
...
Lettie
9 days ago
I think creating a SAML user/server object and setting the sso-auth-method to FortiAuthenticator are the two steps required.
upvoted 0 times
...
Chaya
1 months ago
Agreed, B and C are the steps needed to redirect users to FortiAuthenticator for authentication.
upvoted 0 times
...
...
Vilma
2 months ago
Hmm, I think the correct answers are B and C. We need to create an authentication rule that sets the SSO auth method to the FortiAuthenticator and an authentication scheme with SAML as the method.
upvoted 0 times
Floyd
12 days ago
That's correct, those are the two further steps needed on the FortiGate.
upvoted 0 times
...
Chantell
22 days ago
Yes, and we also need to create an authentication scheme with SAML as the method.
upvoted 0 times
...
Tamra
1 months ago
I agree, we need to set the SSO auth method to the FortiAuthenticator.
upvoted 0 times
...
...
Veronika
2 months ago
I believe creating a firewall rule for remote endpoint access is also important.
upvoted 0 times
...
Nu
2 months ago
I agree with Susana. We also need to create an authentication rule for the FortiAuthenticator.
upvoted 0 times
...
Susana
2 months ago
I think we need to create a SAML user/server object on the FortiGate.
upvoted 0 times
...

Save Cancel