Fortinet NSE 8 Written Exam

Here you have the best Fortinet NSE8_811 practice exam questions

  • You have 53 total questions to study from
  • Each page has 5 questions, making a total of 11 pages
  • You can navigate through the pages using the buttons at the bottom
  • This questions were last updated on December 24, 2024
Question 1 of 53

You want to manage a FortiGate with the FortiCloud service. The FortiGate shows up in your list of devices on the FortiCloud Web site, but all management functions are either missing or grayed out.

Which statement is correct in this scenario?

    Correct Answer: C

    The managed FortiGate requires that a FortiCloud management license be purchased and applied. Without this license, the management functions will be restricted or unavailable despite the FortiGate appearing in the list of devices on the FortiCloud web site.

Question 2 of 53

Refer to the exhibit.

The exhibit shows the steps for creating a URL rewrite policy on a FortiWeb.

Which statement represents the purpose of this policy?

    Correct Answer: B

    The purpose of this policy is to redirect all HTTP URLs to HTTPS. The provided configuration shows a rewrite rule that applies a redirection action to URLs, using a regular expression to match any HTTP URL and transforming the URL to HTTPS while retaining the original host and path. Specifically, the 'set location "https://$0/$1"' line indicates the URL format for the redirection, ensuring that HTTP requests are rewritten to use HTTPS.

Question 3 of 53

You are asked to add a FortiDDoS to the network to combat detected slow connection attacks such as Slowloris.

Which prevention mode on FortiDDoS will protect you against this specific type of attack?

    Correct Answer: B

    To combat detected slow connection attacks like Slowloris, FortiDDoS should be set to use aggressive aging mode. This mode helps in mitigating such attacks by reducing the timeout for connections that exhibit suspiciously slow behavior, thus preventing the attacker from keeping the connection open indefinitely.

Question 4 of 53

You are building a FortiGate cluster which is stretched over two locations. The HA connections for the cluster are terminated on the local switches in the data centers. Once the FortiGate devices have booted, they do not form a cluster. The network operators inform you that CRC errors are present on the switches where the FortiGate devices are connected.

What should you do to solve this problem?

    Correct Answer: B

    When CRC errors are present on network switches, it typically indicates a problem with the physical layer, such as faulty cables or connections. Replacing the cables where the CRC errors occur is a standard troubleshooting step to resolve issues related to physical connectivity and data integrity, ensuring proper communication between devices.

Question 5 of 53

You want to access the JSON API on FortiManager to retrieve information on an object.

In this scenario, which two methods will satisfy the requirement? (Choose two.)

    Correct Answer: B, D

    To access the JSON API on FortiManager and retrieve information on an object, you can use methods that interact with APIs directly. Using the curl utility from your workstation allows you to make HTTP requests to the API and receive the data in JSON format, making it a suitable method. Similarly, making a call with a web browser on your workstation can also send HTTP requests to the API endpoint and retrieve data in JSON format. Downloading a WSDL file and using SoapUI is more aligned with SOAP-based APIs rather than JSON APIs.