1. Home
  2. Fortinet
  3. NSE8_810

Fortinet Network Security Expert 8 Written Exam (810)

Exam Details

  • Exam Code
    :NSE8_810
  • Exam Name
    :Fortinet Network Security Expert 8 Written Exam (810)
  • Certification
    :Fortinet Certifications
  • Vendor
    :Fortinet
  • Total Questions
    :60 Q&As
  • Last Updated
    :Jun 09, 2025

Fortinet Fortinet Certifications NSE8_810 Questions & Answers

  • Question 1:

    Exhibit An Administrator reports continuous high CPU utilization on a FortiGate device due to the IPS engine. The exhibit shows the global IPS configuration. Which two configuration actions will reduce the CPU usage? (Choose two.)

    A. Disable fail open.

    B. Enable intelligent mode.

    C. Change the algorithm to low.

    D. Reduce the number of packets logged.

  • Question 2:

    You have deployed a FortiGate In NAT/Route mode as a secure as a web gateway with a few P-base authentication firewall policies. Your customer reports that some users now have different browsing permission =s from what is expected. All these users are browsing using internet Explorer through Desktop Connection to a Terminal Server. When you took at the Fortigate logs the username for the Terminal Server IP is not consistent.

    Which action will correct this problem?

    A. Make sure Terminal Service is using the correct DNS ever.

    B. Configure FSSO Advanced with LDAP integration

    C. Change the FSSO polling mode to windows NetAPI

    D. Install the TSCitrix on the terminal server

  • Question 3:

    You want to manage a FortiCloud service. The FortiGate shows up in your list devices on the FortiCloud Web site, but all management functions are either missing or grayed out. Which statement a correct in this scenario?

    A. The managed FcrtGate a running a version of ForflOS that is either too new or too for FortCloud.

    B. The managed FortiGate requires that a FortiCloud management license be purchased and applied.

    C. You must manually configure system control-management on the FortiGate CLI and set the management type to fortiguard.

    D. The management tunnel mode on the managed FortiGate must be changed to normal.

  • Question 4:

    Click the Exhibit button.

    Only users authenticated in FortiGate-B can reach the server. A customer wants to deploy a single sign-on solution for IPsec VPN users. Once a user is connected and authenticated to the VPN in FortiGate-A, the user does not need to authenticate again in FortiGate 瑽 to reach the server.

    Which two actions satisfy this requirement? (Choose two.)

    A. Use Kerberos authentication.

    B. FortiGate-A must generate a RADUIS accounting packets.

    C. Use FortiAuthenticator.

    D. Use the Collector Agent.

  • Question 5:

    Exhibit

    Click the Exhibit button. Referring to the exhibit, which two behaviors will the FortiClient endpoint have after receiving the profile update from the FortiClient EMS? (Choose two.)

    A. Files executed from a mapped network drive will not be inspected by the FortiCltent endpoint Antivirus engine.

    B. The user will not be able to access a Web downloaded file for at least 60 seconds when the FortiSandbox is reachable.

    C. The user will not be able to access a Web downloaded file for a maximum of 60 seconds if it is not a virus and the FortiSandbox s reachable.

    D. The user will not be able to access a Web downloaded file when the FortiSandbox is unreachable.

  • Question 6:

    Click the Exhibit button.

    Central NAT was configured on a FortiGate firewall. A sniffer shows ICMP packets out to a host on the Internet egresses with the port1 IP address instead of the virtual IP(VIP) that was configured. Referring to the exhibit, which configuration will ensure that ICMP traffic is also translated?

    A. config firewall ippool edit "secondry_ip" set arp-intf `port1' next end

    B. config firewall central-snat-map edit 1 set protocol 1 next end

    C. config firewall central-snat-map edit 1 unset protocol next end

    D. config firewall central-snat-map edit 1 set orig-addr "all" next end

  • Question 7:

    Click the Exhibit button.

    You have two data centers a FortiGate 7000-series chassis connected by VPN, and all traffic flows over an

    established generic routing encapsulation (GRE) tunnel between them.

    You are troubleshooting traffic that is traversing between Server VLAN A and Server VLAN B. The

    performance is lower than expected and all traffic is only on the FPM module in slot 3.

    Referring to the exhibit, which action will correct the problem?

    A. Referring to the exhibit, which action will correct the problem?

    B. NO course of action enables load balancing in this scenario.

    C. Change the algorithm so it takes IP source IP, destination IP, and port no account.

    D. Configuration a local-balance flow-rule in the CLI to enable load balancing.

  • Question 8:

    Click the Exhibit button.

    The FortiAP profile used by the FortiGate managed AP is shown in the exhibit.

    Which two statements are correct in this scenario? (Choose two.)

    A. All FortiAPs using thre profile will nave Radio 1 scan rogue access points.

    B. Map this profile to SSlDs that you want to be available on the FortiAPs using this profile.

    C. All FortiAPs using this profile will have Radio 1 monitor wireless clients.

    D. Interference will be prevented between FortiAPs using this profile.

  • Question 9:

    An organization has one central site And three remote sites. A FotiSIEM has been drafted on the central

    site and now all devices across the remote sites need to be monitored by the FortiSlEM.

    When action would reduce the WAN usage by the monitoring system?

    A. Deploy a single Supervisor on the central site and enable WAN optimize on the WAN gateways.

    B. Install local Collection remote site.

    C. Disable monitoring on the remote sites during the day.

    D. install a Supervisor and a Collector for each remote site.

  • Question 10:

    Click the exhibit.

    You created an aggregate interface between your FortiGate and a switch consisting of two 1 Gbps links as shown in the exhibit. However, the maximum bandwidth never exceeds. 1 Gbps and employees are complaining that the network is slow. After troubleshooting, you notice only one member interface is being used. The configuration for the aggregate interface is shown in the exhibit.

    In this scenario, which command will solve this problem?

    A. config system interface edit Agg1 set min-links 2 end

    B. config system interface edit Agg1 set weight 2 end

    C. config system interface edit Agg1 set Algorithm L4 end

    D. config system interface edit Agg1 set lacp-mode active end

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Fortinet exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your NSE8_810 exam preparations and Fortinet certification application, do not hesitate to visit our Vcedump.com to find your solutions here.