Fortinet NSE 8 Certification Exam Sample Questions and Answers

NSE 8 Network Security Expert Dumps, NSE 8 Dumps, Fortinet NSE8 810 PDF, NSE 8 PDF, NSE 8 Network Security Expert VCE, Fortinet NSE 8 Network Security Expert Questions PDF, Fortinet Exam VCE, Fortinet NSE 8 VCE, NSE 8 Network Security Expert Cheat SheetBefore you write the Fortinet NSE 8 Network Security Expert (NSE 8) certification exam, you may have certain doubts in your mind regarding the pattern of the test, the types of questions asked in it, the difficulty level of the questions and time required to complete the questions. These Fortinet Network Security Expert 8 (NSE8 810) sample questions and demo exam help you in removing these doubts and prepare you to take the test.

The best approach to pass your Fortinet NSE 8 exam is to challenge and improve your knowledge. To test your learning and identify improvement areas with actual exam format, we suggest you practice with Premium Fortinet NSE 8 Certification Practice Exam. The practice test is one of the most important elements of your Fortinet Network Security Expert 8 (NSE8 810) exam study strategy to discover your strengths and weaknesses, to improve your time management skills and to get an idea of the score you can expect.

Fortinet NSE 8 (NSE8 810) Sample Questions:

01. You have received an issue report about users not being able to use a video conferencing application. This application uses two UDP ports and two TCP ports to communicate with servers on the Internet. The network engineering team has confirmed there is no routing problem. You are given a copy of the FortiGate configuration.
Which three configuration objects will you inspect to ensure that no policy is blocking this traffic?
(Choose three.)
a) config firewall interface-policy
b) config firewall DoS-policy
c) config firewall policy
d) config firewall multicast-policy
e) config firewall sniffer-policy
 
02. Which Fortinet product is used for antispam protection?
a) FortiSwitch
b) FortiGate
c) FortiWeb
d) FortiDB
 
03. A FortiGate is deployed in the NAT/Route operation mode. This operation mode operates at which OSI layer?
a) Layer 4
b) Layer 1
c) Layer 3
d) Layer 2
 
04. Your FortiGate has multiple CPUs. You want to verify the load for each CPU. Which two commands will accomplish this task?
(Choose two.)
a) get system performance status
b) diag system mpstat
c) diag system cpu stat
d) diag system top
 
05. There is an interface-mode IPsec tunnel configured between FortiGate1 and FortiGate2. You want to run OSPF over the IPsec tunnel. On both FortiGates. the IPsec tunnel is based on physical interface port1. Port1 has the default MTU setting on both FortiGate units.
Which statement is true about this scenario?
a) A multicast firewall policy must be added on FortiGate1 and FortiGate2 to allow protocol 89.
b) The MTU must be set manually in the OSPF interface configuration.
c) The MTU must be set manually on the IPsec interface.
d) An IP address must be assigned to the IPsec interface on FortiGate1 and FortiGate2.
 
06. You are asked to write a FortiAnalyzer report that lists the session that has consumed the most bandwidth. You are required to include the source IP, destination IP, application, application category, hostname, and total bandwidth consumed.
Which dataset meets these requirements?
a) select from_itime(itime) as timestamp, srcip, dstip, app, appcat, hostname, sum(coalesce(‘sentbyte”, 0) +coalesce (‘recbyte “, 0)) as bandwidth from $log where $filter LIMIT 1
b) select from_itime(itime) as timestamp, srcip, dstip, app, appcat, hostname, sum(coalesce(‘sentbyte”, 0) +coalesce (‘recbyte“, 0)) as bandwidth from $log where $filter LIMIT 1
c) select from_itime(itime) as timestamp, srcip, dstip, app, appcat, hostname, sum(coalesce(‘sentbyte”, 0) +coalesce (‘rcvdbyte“, 0)) as bandwidth from $log where $filter LIMIT 1
d) select from_itime(itime) as timestamp, sourceip, destip, app, appcat, hostname, sum(coalesce(‘sentbyte’, 0)+coalesce (‘rcvdbyte“, 0)) as bandwidth from $log where $filter LIMIT 1
 
07. Regarding tunnel-mode SSL VPN, which three statements are correct?
(Choose three.)
a) Split tunneling is supported.
b) It requires the installation of a VPN client.
c) It requires the use of an Internet browser.
d) It does not support traffic from third-party network applications.
e) An SSL VPN IP address is dynamically assigned to the client by the FortiGate unit.
 
08. Virtual Domains (VDOMs) allow a FortiGate administrator to do what?
a) Group two or more FortiGate units to form a single virtual device.
b) Split a physical FortiGate unit into multiple virtual devices.
c) Create multiple VLANs in a single physical interface,
d) Group multiple physical interfaces to form a single virtual interface.
 
09. Which VPN protocol is supported by FortiGate units?
(Choose two.)
a) E-LAN
b) PPTP
c) DMVPN
d) OpenVPN
 
10. You are managing a FortiAnalyzer appliance. After an upgrade, you notice that the unit no longer displays historical logs, reports do not produce any data, and FortiView summary views are empty.
However, you notice that the unit is receiving logs on the dashboard widgets. Which step resolves this problem?
a) Execute the CLI command exec sql-local rebuild-db.
b) Execute the CLI command diag sql remove hcache.
c) Execute the CLI command exec sql-local reinsert-logs.
d) Restore the unit settings from a previous backup.

Solutions:

Question: 01

Answer: b, c, e

Question: 02

Answer: b

Question: 03

Answer: c

Question: 04

Answer: a, d

Question: 05

Answer: b

Question: 06

Answer: c

Question: 07

Answer: a, b, e

Question: 08

Answer: b

Question: 09

Answer: b, c

Question: 10

Answer: a

Note: If you find any error in these Fortinet Network Security Expert 8 (NSE8 810) sample questions, you can update us by write an email on feedback@nwexam.com.

Rating: 5 / 5 (24 votes)