A great way to start the Fortinet Certified Expert - Cybersecurity (NSE8 812) preparation is to begin by properly appreciating the role that syllabus and study guide play in the Fortinet NSE 8 certification exam. This study guide is an instrument to get you on the same page with Fortinet and understand the nature of the Fortinet NSE 8 Network Security Expert exam.
Our team of experts has composed this Fortinet NSE 8 exam preparation guide to provide the overview about Fortinet Network Security Expert 8 Written Exam exam, study material, sample questions, practice exam and ways to interpret the exam objectives to help you assess your readiness for the Fortinet NSE8 812 exam by identifying prerequisite areas of knowledge. We recommend you to refer the simulation questions and practice test listed in this guide to determine what type of questions will be asked and the level of difficulty that could be tested in the Fortinet NSE 8 Network Security Expert certification exam.
Fortinet NSE 8 Exam Overview:
| Exam Name | Network Security Expert 8 Written Exam |
| Exam Number | NSE 8 NSE8 812 |
| Exam Price | $400 USD |
| Duration | 120 minutes |
| Number of Questions | 60 |
| Passing Score | Pass / Fail |
| Recommended Training | FCX Immersion |
| Exam Registration | Pearson VUE |
| Sample Questions | Fortinet NSE 8 Sample Questions |
| Practice Exam | Fortinet Certified Expert - Cybersecurity Practice Test |
Fortinet NSE 8 Exam Topics:
| Section | Objectives |
|---|---|
Security architecture |
|
| Demonstrate knowledge of FortiGate Network Security products |
- Chassis solutions 6000/7000 modules and architecture - Correct hardware production selection based on design |
| Demonstrate knowledge of Fortinet Security Fabric Solution deployments |
- FortiMail - FortiSandbox - Traditional networks and hybrid/cloud/multi-cloud networks - Logging and management protocols used by Fortinet, and required network architecture for resiliency |
| Demonstrate knowledge of Fortinet high-availability solutions |
- Core products - Types of the HA solutions - HA and Cloud deployments - Optimization |
Infrastructure |
|
| Demonstrate knowledge of FortiGate operation modes |
- Transparent Mode and Layer-2 Traffic - VDOM and VDOM links |
| Demonstrate knowledge of FortiGate hardware technology |
- NP6/NP7/nTurbo/CP9/SoC4 acceleration and acceleration concepts - Hyperscale requirements, operation, limitations - Traffic Flows during acceleration and offloading - Describe and design hardware accelerated networks with FortiGate devices - FortiGate chassis/module architecture - Life of packet - Hardware offloading |
| Demonstrate knowledge of non-FortiGate hardware technology |
- Hardware v virtual - FAZ, SIEM |
| Demonstrate knowledge of Fortinet solutions for cloud security |
- Private cloud - Public cloud - SAAS - SASE |
Networking |
|
| Demonstrate knowledge of advanced routing and networking technologies |
- Static routing - Dynamic routing (OSPF/BGP) - Routing and high availability concepts - Asymmetric routing - Secure SD-WAN Routing - Policy Routing - Multi-cast routing - Routing control - NAT
- IPv6
- Traffic shaping
- Virtual wire pairs
|
| Demonstrate knowledge of advanced VPN design methodologies |
- SSL VPN / IPSEC - Aggregate VPN - ADVPN - VXLAN over IPSEC - GRE - IKEv1 vs IKEv2 differences |
| Demonstrate knowledge of Fortinet access solutions advanced configurations and features |
- FortiSwitch advanced configurations
- FortiAP advanced configurations
- Advanced use cases of FortiExtender (IPSEC VPN, VLAN mode)
- FortiOS access control features
|
| Demonstrate knowledge of how to integrate Fortinet access solutions |
- Advanced authentication for access layer
- FortiLink advanced configurations
- Centralized management of access products from FortiManager
- Fortinet Security Fabric and integrated management of Firewall, access, and ATP products |
| Demonstrate knowledge of application delivery |
- Load balancing - Health checks |
Secure SD-WAN |
|
| Demonstrate knowledge of SD-WAN advanced architecture and design |
- Design and implement a full featured SD-WAN solution with dynamic routing - Local traffic routing with SD-WAN - Understanding SD-WAN rules and failover |
| Demonstrate knowledge of SD-WAN advanced features |
- Azure vWAN - ADVPN design and requirements - Packet duplication and aggregate tunnels - Network overlays |
| Demonstrate knowledge of SD-WAN troubleshooting |
- Session failover with NAT - Session route change with max bandwidth method - Shortcut tunnels and BGP |
Security Solutions |
|
| Demonstrate knowledge of Fortinet application security solutions |
- Operation and deployment modes - Designing resilient solutions - Advanced security inspection - FortiGuard services for enhanced Fortinet solutions - Troubleshooting application security issues |
| Demonstrate knowledge of Fortinet network security solutions |
- Inspection modes - Security profiles - Troubleshooting FortiOS security features - FortiGuard services for FortiOS security services - VoIP
- HTTP/2
|
| Demonstrate knowledge of authentication mechanisms |
- Implement SAML authentication - Integrate external authentication using Radius / LDAP - Configuring Fortinet product authentication using FortiAuthenticator - Authentication using VSAs with Radius for automated roles / profiles - Two factor authentication using certificates and tokens - Fortinet FSSO using collectors and FortiAuthenticator - Integrate with AD certificate services - RBAC, authentication and certificate management solutions with Fortinet Management products |
Security operations |
|
| Demonstrate knowledge of Fortinet SOC solution |
- Integrate Fortinet solutions for advanced threat protection - Security incident handling - Security incident enrichment - Threat analysis and incident response - Automated remediation - Fortinet management and logging tools |
| Demonstrate knowledge of Fortinet endpoint solutions |
- Network admission control solution - Device On-boarding using various methods - FCT Client Profile - VPN Profile Management - FortiClient EMS installation package managing - EMS on net / off net - ZTNA Policy / configuration (EMS/FCT/FG/FAC) - Endpoint protection (Client/Guest) - Quarantine functions on both LAN/WLAN - EDR - Playbooks / Exceptions |
Automation |
|
| Demonstrate knowledge of Fortinet Automation tools, solutions, and integrations |
- Automation Stiches - Understand Fabric connectors - Zero Touch Configuration/Zero Touch Provisioning - Automated Response Systems (SOAR/Handlers) - FortiSIEM log automation triggers |
| Demonstrate knowledge of Fortinet build-in scripting capabilities |
- FortiManager CLI/TCL Scripting - FMG CLI Template + Variables - FortiGate AutoScript |
| Demonstrate knowledge of Fortinet API configuration and usage |
- FortiGate webhook triggers - API Integration within the Security Fabric - Understand principles of API usage (including required config) - Solutions for rollout and management of large scale FortiGate networks (Fortinet or 3rd party management tools) |
Fortinet NSE8 812 Exam Description:
The Fortinet Certified Expert (FCX) is Cybersecurity designation recognizes your comprehensive knowledge of network security design, configuration, and troubleshooting for complex networks. To attempt the exam, you must have industry experience.