Latest Fortinet NSE8 Exam Questions For Free – (March-2018 dumps)

Passing Fortinet Network Security Expert NSE8 exam with overnight preparation is not hard if you get both practice test software and PDF files preparation products with money back guarantee. Fortinet Network Security Expert 8 Written Exam NSE8 exam Practice test software is a simulation like real NSE8 exam however PDF files provide the latest NSE8 exam questions very similar to the pattern of real NSE8 exam questions. Make MacAfee Secure transaction to get these NSE8 exam questions with money back guarantee.

♥ VALID NSE8 Exam Questions 2018 ♥

NSE8 exam questions, NSE8 PDF dumps; NSE8 exam dumps:: https://www.dumpsschool.com/NSE8-exam-dumps.html (65 Q&A) (New Questions Are 100% Available! Also Free Practice Test Software!)

Latest Fortinet NSE8 Dumps Exam Questions and Answers:

Version: 9.0
Question: 21

You are asked to implement a wireless network for a conference center and need to provision a high number of access points to support a large number of wireless client connections.
Which statement describes a valid solution for this requirement?

A. Use a captive portal for guest access. Use both 2.4 GHz and 5 GHz bands. Enable frequency and access point hand-off. Use more channels, thereby supporting more clients.
B. Use an open wireless network with no portal. Use both 2.4 GHz and 5 GHz bands. Use 802.11ac capable access points and configure channel bonding to support greater throughput for wireless clients.
C. Use a pre-shared key only for wireless client security. Use the 5 GHz band only for greater security. Use 802.11ac capable access points and configure channel bonding to support greater throughput for wireless clients.
D. Use a captive portal for guest access. Use both the 2.4 GHz and 5 GHz bands, and configure frequency steering. Configure rogue access point detection in order to automatically control the transmit power of each AP.

Answer: D

Question: 22

You are asked to design a secure solution using Fortinet products for a company. The company recently has Web servers that were exploited and defaced. The customer has also experienced Denial or Service due to SYN Flood attacks. Taking this into consideration, the customer’s solution should have the following requirements:
– management requires network-based content filtering with man-in-the-middle inspection
– the customer has no existing public key infrastructure but requires centralized certificate management
– users are tracked by their active directory username without installing any software on their hosts
– Web servers that have been exploited need to be protected from the OWASP Top 10
– notification of high volume SYN Flood attacks when a threshold has been triggered
Which three solutions satisfy these requirements? (Choose three.)

A. FortiGate
B. FortiClient
C. FortiWeb
D. FortiAuthenticator
E. FortiDDOS

Answer: A,C,E

Question: 23

The exhibit shows an explicit Web proxy configuration in a FortiGate device. The FortiGate is installed between a client with the IP address 172.16.10.4 and a Web server using port 80 with the IP address 10.10.3.4. The client Web browser is properly sending HTTP traffic to the FortiGate Web proxy IP address 172.16.10.254.
Which two sniffer commands will capture this HTTP traffic? (Choose two.)

A. diagnose sniffer packet any ‘host 172.16.10.4 and host 172.16.10.254’ 3
B. diagnose sniffer packet any ‘host 172.16.10.254 and host 10.10.3.4’ 3
C. diagnose sniffer packet any ‘host 172.16.10.4 and port 8080’ 3
D. diagnose sniffer packet any ‘host 172.16.10.4 and host 10.10.3.4’ 3

Answer: C,D

Explanation:
Sniffer should run between webproxy to webserver
And also Sniffer between client machine to web proxy connectivity as it is in explicit mode.

Question: 24

Your colleague has enabled virtual clustering to load balance traffic between the cluster units. You notice that all traffic is currently directed to a single FortiGate unit. Your colleague has applied the configuration shown in the exhibit.

Which step would you perform to load balance traffic within the virtual cluster?

A. Issue the diagnose sys ha reset-uptime command on the unit that is currently processing traffic to enable load balancing.
B. Add an additional virtual cluster high-availability link to enable cluster load balancing.
C. Input Virtual Cluster domain 1 and Virtual Cluster domain 2 device priorities for each cluster unit.
D. Use the set override enable command on both units to allow the secondary unit to load balance traffic.

Answer: C

Question: 25

A data center for example.com hosts several separate Web applications. Users authenticate with all of them by providing their Active Directory (AD) login credentials. You do not have access to Example, Inc.’s AD server. Your solution must do the following:
– provide single sign-on (SSO) for all protected Web applications
– prevent login brute forcing
– scan FTPS connections to the Web servers for exploits
– scan Webmail for OWASP Top 10 vulnerabilities such as session cookie hijacking, XSS, and SQL injection attacks
Which solution meets these requirements?

A. Apply FortiGate deep inspection to FTPS. It must forward FTPS, HTTP, and HTTPS to FortiWeb. Configure FortiWeb to query the AD server, and apply SSO for Web requests. FortiWeb must forward FTPS directly to the Web servers without inspection, but proxy HTTP/HTTPS and block Web attacks.
B. Deploy FortiDDos to block brute force attacks. Configure FortiGate to forward only FTPS, HTTP, and HTTPS to FortiWeb. Configure FortiWeb to query the AD server, and apply SSO for Web requests. Also configure it to scan FTPS and Web traffic, then forward allowed traffic to the Web servers.
C. Use FortiGate to authenticate and proxy HTTP/HTTPS; to verify credentials, FortiGate queries the AD server. Also configure FortiGate to scan FTPS before forwarding, and to mitigate SYN floods. Configure FortiWeb to block Web attacks.
D. Install FSSO Agent on servers. Configure FortiGate to inspect FTPS. FortiGate will forward FTPS, HTTP, and HTTPS to FortiWeb. FortiWeb must block Web attacks, then forward all traffic to the Web servers.

Answer: D

Explanation:
FSSO agent integrate fortigate with AD then inspect bruteforce,FTPS,HTTP, and HTTPS using fortiweb and then forward all traffic to web server.

Question: 26

You are hosting Web applications that must be PCI DSS compliant. The Web applications are protected by a FortiWeb. Compliance will be tested during the quarterly security review.
In this scenario, which three FortiWeb features should you use? (Choose three.)

A. Vulnerability Scan
B. Auto-learning
C. Syn Cookie
D. Credit Card Detection
E. the command.

Answer: A,C,D

Explanation:
References:
http://help.fortinet.com/fweb/551/Content/FortiWeb/fortiweb-admin/web_protection.htm

New Updated NSE8 Exam Questions NSE8 PDF dumps NSE8 practice exam dumps: https://www.dumpsschool.com/NSE8-exam-dumps.html

         

Facebook Comments