[Update Jan 17, 2021] NSE 8 Network Security Expert NSE8 dumps from Lead4Pass with PDF and VCE

January 17, 2021

Lead4Pass has shared the latest NSE8 dumps exam questions and answers more than once, and today continues to share some free NSE8 exam questions and answers to help all candidates progress.

Lead4Pass has also helped candidates pass the NSE 8 Network Security Expert NSE8 Fortinet Network Security Expert 8 Written (800) certification exam more than once because they use
Full NSE8 dumps with PDF and VCE: https://www.leads4pass.com/nse8.html (65 Q&A).

Read the NSE 8 Network Security Expert NSE8 exam questions and answers shared online today:

Number of exam questionsExam nameFromRelease time
8Fortinet Network Security Expert 8 Written (800)Lead4passJan 17, 2022
New Question 1:

You verified that application control is working from previously configured categories. You just added Skype on blocked signatures. However, after applying the profile to your firewall policy, clients running Skype can still connect and use the application.

What are two causes of this problem? (Choose two.)

A. The application control database is not updated.

B. SSL inspection is not enabled.

C. A client on the network was already connected to the Skype network and serves as relay prior to configuration changes to block Skype

D. The FakeSkype.botnet signature is included on your application control sensor.

 

Correct Answer: AB


New Question 2:

 

Given the following FortiOS 5.2 commands:

new nse8 exam questions 2

Which vulnerability is being addressed when managing FortiGate through an encrypted management protocol?

A. Remote Exploit Vulnerability in Bash (ShellShock)

B. Information Disclosure Vulnerability in OpenSSL (Heartbleed)

C. SSL v3 POODLE Vulnerability

D. SSL/TLS MITM vulnerability (CVE-2014-0224)

 

Correct Answer: C

References: http://kb.fortinet.com/kb/documentLink.do?externalID=FD36913


New Question 3:

 

A customer has the following requirements:

-local peer with two Internet links

-remote peer with one Internet link

-secure traffic between the two peers

-granular control with Accept policies

Which solution provides security and redundancy for traffic between the two peers?

A. a fully redundant VPN with interface mode configuration

B. a partially redundant VPN with interface mode configuration

C. a partially redundant VPN with tunnel mode configuration

D. a fully redundant VPN with tunnel mode configuration

 

Correct Answer: B


New Question 4:

 

new nse8 exam questions 4

How would you apply security to the network shown in the exhibit?

A. Replace RW1 with a ruggedized FortiGate and RW2 with a normal FortiGate. Enable industrial category on the application control. Place a FortiGate to secure Web servers. Configure IPsec to secure sensors data. Place a ruggedized FortiAP to provide Wi-Fi to the sensors.

B. Replace RW1 with a normal FortiGate and RW2 with a ruggedized FortiGate. Enable industrial category on the application control. Place a FortiGate to secure Web servers. Configure IPsec to secure sensors data. Place a FortiAP to provide Wi-Fi to the sensors.

C. Replace RW1 with a normal FortiGate and RW2 with a ruggedized FortiGate. Enable industrial category on the Web filter. Place a FortiWeb to secure Web servers. Configure IPsec to secure sensors data. Place a ruggedized FortiAP to provide Wi-Fi to the sensors.

D. Replace RW1 with a normal FortiGate and RW2 with a ruggedized FortiGate. Enable industrial category on the application control. Place a FortiWeb to secure Web servers. Configure IPsec to secure sensors data. Place a ruggedized FortiAP to provide Wi-Fi to the sensors.

 

Correct Answer: D


New Question 5:

 

Which Fortinet product is used for antispam protection?

A. FortiSwitch

B. FortiGate

C. FortiWeb

D. FortiDB

 

Correct Answer: B


New Question 6:

 

You have replaced an explicit proxy Web filter with a FortiGate. The human resources department requires that all URLs be logged. Users are reporting that their browsers are now indicating certificate errors as shown in the exhibit.

new nse8 exam questions 6

Which step is a valid solution to the problem?

A. Make sure that the affected users\’ browsers are no longer set to use the explicit proxy.

B. Import the FortiGate\’s SSL CA certificate into the Web browsers.

C. Change the Web filter policies on the FortiGate to only do certificate inspection.

D. Make a Group Policy to install the FortiGate\’s SSL certificate as a trusted host certificate on the Web browser.

 

Correct Answer: D

For https traffic inspection, client machine should install fortigate\’s ssl certificate


New Question 7:

 

You are managing a FortiAnalyzer appliance. After an upgrade, you notice that the unit no longer displays historical logs, reports do not produce any data, and FortiView summary views are empty. However, you notice that the unit is receiving

logs on the dashboard widgets.

Which step resolves this problem?

A. Execute the CLI command exec sql-local rebuild-db.

B. Execute the CLI command diag sql remove hcache.

C. Execute the CLI command exec sql-local reinsert-logs.

D. Restore the unit settings from a previous backup.

 

Correct Answer: A


New Question 8:

 

You are hosting Web applications that must be PCI DSS compliant. The Web applications are protected by a FortiWeb. Compliance will be tested during the quarterly security review. In this scenario, which three FortiWeb features should you use? (Choose three.)

A. Vulnerability Scan

B. Auto-learning

C. Syn Cookie

D. Credit Card Detection

E. the command.

 

Correct Answer: ACD

References: http://help.fortinet.com/fweb/551/Content/FortiWeb/fortiweb-admin/web_protection.htm


Lead4Pass updates NSE 8 Network Security Expert NSE8 exam questions and answers throughout the year and frequently shares a selection of free exam questions and answers, as shown above, candidates can improve themselves through online learning.

Also able to download the latest NSE8 dumps: https://www.leads4pass.com/nse8.html (Dumps PDF+VCE) to help them successfully pass the NSE8 Fortinet Network Security Expert 8 Written (800) certification exam on their first attempt.