CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Fortinet
  5. NSE8_812

Free NSE8_812 Exam Braindumps (page: 3)

Page 3 of 16
PDF with 68 Questions

An HA topology is using the following configuration:



Based on this configuration, how long will it take for a failover to be detected by the secondary cluster member?

  1. 600ms
  2. 200ms
  3. 300ms
  4. 100ms

Answer(s): B

Explanation:

The HA heartbeat interval is 100ms, and the number of lost heartbeats before a failover is detected is 2. So, it will take 2 * 100ms = 200ms for a failover to be detected by the secondary cluster member.


Reference:

FortiGate High Availability: https://docs.fortinet.com/document/fortigate/7.0.0/administration- guide/647723/link-monitoring-and-ha-failover-time



Refer to the exhibit.



You have deployed a security fabric with three FortiGate devices as shown in the exhibit. FGT_2 has the following configuration:



FGT_1 and FGT_3 are configured with the default setting.
Which statement is true for the synchronization of fabric-objects?

  1. Objects from the FortiGate FGT_2 will be synchronized to the upstream FortiGate.
  2. Objects from the root FortiGate will only be synchronized to FGT__2.
  3. Objects from the root FortiGate will not be synchronized to any downstream FortiGate.
  4. Objects from the root FortiGate will only be synchronized to FGT_3.

Answer(s): C

Explanation:

The fabric-object-unification setting on FGT_2 is set to local, which means that objects will not be synchronized to any other FortiGate devices in the security fabric. The default setting for fabric- object-unification is default, which means that objects will be synchronized from the root FortiGate to all downstream FortiGate devices.
Since FGT_2 is not the root FortiGate and the fabric-object-unification setting is set to local, objects from the root FortiGate will not be synchronized to FGT_2.


Reference:

Synchronizing objects across the Security Fabric:
https://docs.fortinet.com/document/fortigate/6.4.0/administration-guide/880913/synchronizing- objects-across-the-security-fabric



Refer to the exhibit.



You are operating an internal network with multiple OSPF routers on the same LAN segment. FGT_3

needs to be added to the OSPF network and has the configuration shown in the exhibit. FGT_3 is not establishing any OSPF connection.
What needs to be changed to the configuration to make sure FGT_3 will establish OSPF neighbors without affecting the DR/BDR election?









Answer(s): B

Explanation:

The OSPF configuration shown in the exhibit is using the default priority value of 1 for the interface port1. This means that FGT_3 will participate in the DR/BDR election process with the other OSPF routers on the same LAN segment. However, this is not desirable because FGT_3 is a new device that needs to be added to the OSPF network without affecting the existing DR/BDR election. Therefore, to make sure FGT_3 will establish OSPF neighbors without affecting the DR/BDR election, the priority value of the interface port1 should be changed to 0. This will prevent FGT_3 from becoming a DR or BDR and allow it to form OSPF adjacencies with the current DR and BDR. Option B shows the correct configuration that changes the priority value to 0. Option A is incorrect because it does not change the priority value. Option C is incorrect because it changes the network type to point-to-point, which is not suitable for a LAN segment with multiple OSPF routers. Option D is incorrect because it changes the area ID to 0.0.0.1, which does not match the area ID of the other OSPF routers on the same LAN segment.


Reference:

https://docs.fortinet.com/document/fortigate/7.0.0/administration- guide/358640/basic-ospf-example



A retail customer with a FortiADC HA cluster load balancing five webservers in L7 Full NAT mode is receiving reports of users not able to access their website during a sale event. But for clients that were able to connect, the website works fine.
CPU usage on the FortiADC and the web servers is low, application and database servers are still able to handle more traffic, and the bandwidth utilization is under 30%.
Which two options can resolve this situation? (Choose two.)

  1. Change the persistence rule to LB_PERSIS_SSL_SESSJD.
  2. Add more web servers to the real server poof
  3. Disable SSL between the FortiADC and the web servers
  4. Add a connection-pool to the FortiADC virtual server

Answer(s): B,D

Explanation:

Option B: Adding more web servers to the real server pool will increase the overall capacity of the load balancer, which should help to resolve the issue of users not being able to access the website. Option D: Adding a connection-pool to the FortiADC virtual server will allow the load balancer to cache connections to the web servers, which can help to improve performance and reduce the number of dropped connections.
Option A: Changing the persistence rule to LB_PERSIS_SSL_SESSJD would only be necessary if the current persistence rule is not working properly. In this case, the CPU usage on the FortiADC and the web servers is low, so the persistence rule is likely not the issue. Option C: Disabling SSL between the FortiADC and the web servers would reduce the load on the FortiADC, but it would also make the website less secure. Since the bandwidth utilization is under 30%, it is unlikely that disabling SSL would resolve the issue.


Reference:

https://docs.fortinet.com/document/fortiadc/7.2.1/handbook/970956/configuring- virtual-servers



Page 3 of 16



Post your Comments and Discuss Fortinet NSE8_812 exam with other Community members:

sadai commented on October 04, 2024
I do not know to say thanks it is really useful
Anonymous
upvote

sadai commented on October 04, 2024
it was really useful thank you so much
Anonymous
upvote

sadai commented on October 04, 2024
Hi it was really helpful for me to improve my mind
Anonymous
upvote

Mohammed Haque commented on October 04, 2024
very useful site for exam prep
UNITED STATES
upvote

Melvin commented on October 04, 2024
Educational
Anonymous
upvote

NJ commented on October 04, 2024
Good Study Material
UNITED STATES
upvote

Tsholofelo commented on October 04, 2024
Mostly challenging question
Anonymous
upvote

Moana commented on October 04, 2024
Preperation
Anonymous
upvote

Nate commented on October 04, 2024
I worked really hard to pass this exam. It is a very hard exam. These questions are you best buddy. So use them.
UNITED STATES
upvote

Dominic commented on October 04, 2024
Lots of comments here asking if any one passed this exam. I did pass this exam. It is tough one. Study hard and use these exam questions and answers. You will be able to pass.
UNITED STATES
upvote

Miss Tech commented on October 04, 2024
@Lucas, hi did you pass?and how many questions were in the Exam because l can only see 47Q here on the dumps,???
Anonymous
upvote

Vani commented on October 04, 2024
Very useful
Anonymous
upvote

Priyanka Prasad commented on October 04, 2024
i need questions
Anonymous
upvote

Jack commented on October 03, 2024
are these still legit?
Anonymous
upvote

Ashok Kumar commented on October 03, 2024
Very good content to prep
UNITED STATES
upvote

User commented on October 03, 2024
By far one of the best free sources of exam dumps. I searched google for free braindumps and boom I got this right away.
UNITED STATES
upvote

Vignesh commented on October 03, 2024
I'm writing next week, are the questions still valid?
CZECH REPUBLIC
upvote

Rama commented on October 03, 2024
All looks good.
Anonymous
upvote

Yaron M commented on October 03, 2024
please stop the pain i cant take this anyomre my wife left me and she took the kids its been 54 years and i still cant pass AZ104 please make the suffering stop
Anonymous
upvote

Varon commented on October 03, 2024
The 2 hardest topics of this exams are: 1) Designing Resilient Architectures and 2) Cost-Optimized Architectures By mastering these areas, you’ll be better prepared for tricky exam questions related to resilient and cost-effective architectures.
INDIA
upvote

Haji Momen commented on October 03, 2024
The questions in the exam dumps are pretty same as the real exam the only problem is that it is not complete or has less questions compared to full version. I am from South Africa and this is expensive for me. So I will be using the free version.
South Africa
upvote

Saurabh commented on October 03, 2024
Super Course to go ahead
INDIA
upvote

solla maaten commented on October 03, 2024
just reviewing
Anonymous
upvote

DJ commented on October 03, 2024
This dump is still valid?
MALAYSIA
upvote

senan commented on October 03, 2024
salam bu ne suallardi bele
AZERBAIJAN
upvote

Rk commented on October 03, 2024
Good content
Anonymous
upvote

George commented on October 02, 2024
Focus on mastering designing scalable, resilient architectures and cost-optimization strategies using core AWS services for this SAA-C03 exam.
UNITED STATES
upvote

Esmaiel commented on October 02, 2024
This is a very good practice paper to get ready for exam. Helpful to me.
UNITED STATES
upvote

Fawad commented on October 02, 2024
The exam turned out to be very hard as stated by some users here. So there is no way to pass it unless you know the questions. And note that some of the answers in this exam dump PDF is not correct but the questions are legit.
EUROPEAN UNION
upvote

Moataz commented on October 02, 2024
I approve this exam dump. It is valid in UAE. I passed the test.
UNITED ARAB EMIRATES
upvote

JB commented on October 02, 2024
Thanks for the study material.
Anonymous
upvote

Nisino commented on October 02, 2024
After weeks of cramming and feeling overwhelmed, I ended up using this exam dumps as I badly needed to pass and it worked.
Netherlands
upvote

Hades commented on October 02, 2024
i hope this will help me pass
VIET NAM
upvote

Saboor commented on October 01, 2024
The answer to comment questions here: 1- Yes, The exam and it is very hard. 2- Yes, I passed this exam. But I did not just rely on this exam dumps but I had studied. Though I got most of these questions in my test. Good luck guys.
UNITED STATES
upvote