Fortinet NSE8_811 Exam

Status: RETIRED

Certification Provider: Fortinet

Exam Name: Fortinet NSE 8 Written Exam (NSE8_811)

Number of questions in our database: 65

Exam Version: 07-04-2023

NSE8_811 Exam Official Topics:

Topic 1: Single Topic

Free Fortinet NSE8_811 Exam Actual Questions

The questions for NSE8_811 were last updated On 07-04-2023

Question #1

Refer to the exhibit.

Anti-Virus Real-Time Protection is enabled without any exclusions.

Referring to the exhibit, which two behaviors will the FortiClient endpoint have after receiving the profile update from the FortiClient EMS? (Choose two.)

AAccess to a downloaded file will always be allowed after 60 seconds when the FortiSandbox is reachable.

BThe user will not be able to access a downloaded file for a maximum of 60 seconds if it is not a virus and the FortiSandbox is reachable.

CFiles executed from a mapped network drive will not be inspected by the FortiClient endpoint AntiVirus
engine.

DIf the Real-Time Protection does not detect a virus, the user will be able to access a downloaded file when the FortiSandbox is unreachable.

Reveal Solution

Correct Answer: B, D

https://docs.fortinet.com/document/forticlient/6.0.0/ems-administration-guide/324667/sandbox-detection

Question #2

You configured a firewall policy with only a Web filter profile for accessing the Internet. Access to websites belonging to the "Information Technology" category are blocked and to the "Business" category are allowed. SSL deep inspection is not enabled on this policy.

A user wants to access the website https://www.it-acme.com which presents a certificate with CN=www.acme.com. The it-acme.com domain is categorized as "Information Technology" and the acme.com domain is categorized as "Business".

Which statement regarding this scenario is correct?

AThe FortiGate is able to read the URL within HTTPS sessions when using SSL certificate inspection so the website will be blocked by the 'Information Technology'.

BThe website will be blocked by category 'Information Technology' as the SNI takes precedence over the certificate name.

CThe website will be allowed by category 'Business' as the certificate name takes precedence over the
URL.

DOnly with SSL deep inspection enabled will the FortiGate be able to categorized this website.

Reveal Solution

Correct Answer: B

Question #3

An old router has been replaced by a FortiWAN device. The FortiWAN has inherited the router's management IP address and now the network administrator needs to remove the old router from the FortiSIEM configuration.

Which two statements are true about this operation? (Choose two.)

AFortiSIEM will discover a new device for the FortiWAN with the same IP.

BThe old router will be completely deleted from FortiSIEM's CMDB.

CFotiSEIM needs a special syslog for FortiWAN.

DFortiSIM will move the old router device into the Decommission folder.

Reveal Solution

Correct Answer: A, D

https://www.fortinetguru.com/2017/05/fortisiem-decommissioning-a-device/

Question #4

Click the Exhibit button.

config system ha

set mode a-a

set group-id 1

set group-name main

set hb_dev port2 100

set session-pickup enable

end

You have configured an HA cluster with two FortiGates. You want to make sure that you are able to manage the individual cluster members directly using port3.

Referring to the exhibit, what are two ways to accomplish this task? (Choose two.)

ADisable the sync feature on porl3: then configure specific IPs for ports on both cluster members.

BConfigure port3 to be a dedicated HA management interface, then configure specific IPs for port3 on both cluster members.

CCreate a management VDOM and Disable the HA synchronization for this VDOM, assign ports to this VDOM, then configure specific IPs for ports on both cluster member.

DAllow administrative access in the HA heartbeat interfaces.

Reveal Solution

Correct Answer: B, C

Question #5

Refer to the exhibit.

Click the Exhibit button.

A FortiGate with the default configuration is deployed between two IP phones. FortiGate receives the INVITE request shown in the exhibit form Phone A (internal)to Phone B (external). Which two actions are taken by the FortiGate after the packet is received? (Choose two.)

AA pinhole will be opened to accept traffic sent to FortiGate's WAN IP address and ports 49169 and 49170.

Ba pinhole will be opened to accept traffic sent to FortiGate's WAN IP address and ports 49l70 and 49171.

CThe phone A IP address will be translated lo the WAN IP address in all INVITE header fields and the m: field of the SDP statement.

DThe phone A IP address will be translated for the WAN IP address in all INVITE header fields and the SDP statement remains intact.

Reveal Solution

Correct Answer: B, C

''Also, the FortiGate must translate the addresses contained in the SIP headers and SDP body of the SIP messages The RTP port number as defined in the SIP message and an RTCP port number, which is the RTP port number plus 1''

Unlock all NSE8_811 Exam Questions with Advanced Practice Test Features:

Select Question Types you want
Set your Desired Pass Percentage
Allocate Time (Hours : Minutes)
Create Multiple Practice tests with Limited Questions
Customer Support

Get Full Access Now

Disscuss Fortinet NSE8_811 Topics, Questions or Ask Anything Related

Submit Cancel