Your NOC contracts the security team due to a problem with a new application flow. You are instructed to
disable hardware acceleration for the policy shown in the exhibit for troubleshooting purposes.
Which command will disable hardware acceleration for the new application policy?
A:
B:
C:
D:
A. Option C
B. Option A
C. Option D
D. Option B
正解:C
質問 2:
Referring to the exhibit, which statement is true?
A. The packet was protected with an unsupported encryption algorithm.
B. The IPsec negotiation failed because the SPI was unknown.
C. The packet did not match any of the local IPsec SAs.
D. The packet failed the HMAC validation.
正解:D
質問 3:
You are asked to establish a VPN tunnel with a service provider using a third-party VPN device. The
service provider has assigned subnet 30.30.30.0/24 for your outgoing traffic going towards the services
hosted by the provider on network 20.20.20.0/24. You have multiple computers which will be accessing
the remote services hosted by the service provider.
Which three configuration components meet these requirements? (Choose three.)
A. Configure an IP Pool of Type One-to-One for range 30.30.30.10-30.30.30.10. Enable NAT on a policy
from your LAN towards the VPN tunnel and select that pool.
B. Configure IPsec phase 2 proxy IDs for a source of 30.30.30.0/24 and destination of 20.20.20.0/24.
C. Configure a static route towards the VPN tunnel for 20.20.20.0/24.
D. Configure IPsec phase 2 proxy IDs for a source of 10.10.10.0/24 and destination of 20.20.20.0/24.
E. Configure an IP Pool of type Overload for range 30.30.30.10-30.30.30.10. Enable NAT on a policy from
your LAN forwards the VPN tunnel and select that pool.
正解:A
質問 4:
Referring to the command output shown on the exhibit, how many hosts are connected to the FortiGate?
A. 256
B. 6
C. 7
D. 2
正解:B
質問 5:
You are managing a FortiAnalyzer appliance. After an upgrade, you notice that the unit no longer displays
historical logs, reports do not produce any data, and FortiView summary views are empty.
However, you notice that the unit is receiving logs on the dashboard widgets.
Which step resolves this problem?
A. Execute the CLI command exec sql-local rebuild-db.
B. Execute the CLI command diag sql remove hcache.
C. Execute the CLI command exec sql-local reinsert-logs.
D. Restore the unit settings from a previous backup.
正解:A
質問 6:
How would you apply security to the network shown on the exhibit?
A. Replace RW1 with a normal FortiGate and RW2 with a ruggedized FortiGate. Enable industrial
category on the application controL Place a FortiWeb to secure Web servers. Configure IPsec to secure
sensors data. Place a ruggedized FortiAP to provide Wi-Fi to the sensors.
B. Replace RW1 with a normal FortiGate and RW2 with a ruggedized FortiGate. Enable industrial
category on the application controL Place a FortiGate to secure Web servers. Configure IPsec to secure
sensors data. Place a FortiAP to provide Wi-Fi to the sensors.
C Replace RW1 with a normal FortiGate and RW2 with a ruggedized FortiGate. Enable industrial
category on the Web filter. Place a FortiWeb to secure Web servers. Configure IPsec to secure sensors
data. Place a ruggedized FortiAP to provide Wi-Fi to the sensors.
C. Replace RW1 with a ruggedized FortiGate and RW2 with a normal FortiGate. Enable industrial
category on the application control Place a FortiGate to secure Web servers. Configure IPsec to secure
sensors data. Place a ruggedized FortiAP to provide Wi-Fi to the sensors.
正解:A
Hazuki -
NSE8合格できました。ありがとうございました。ほかの資格も取得予定がありますが、今後もとよろしくお願いします。