Fortinet Exam NSE8_812 Topic 1 Question 8 Discussion

Actual exam question for Fortinet's NSE8_812 exam

Question #: 8
Topic #: 1

Refer to the exhibit.

An HTTPS access proxy is configured to demonstrate its function as a reverse proxy on behalf of the web server it is protecting. It verifies user identity, device identity, and trust context, before granting access to the protected source. It is assumed that the FortiGate EMS fabric connector has already been successfully connected.

You need to ensure that ZTNA access through the FortiGate will redirect users to the FortiAuthenticator to perform username/password and multifactor authentication to validate access prior to accessing resources behind the FortiGate.

In this scenario, which two further steps need to be taken on the FortiGate? (Choose two.)

ACreate a SAML user/server object referring to the FortiAuthenticator.

BCreate an authentication rule that sets the sso-auth-method to the FortiAuthenticator.

CCreate an authentication scheme with the 'method' as SAML.

DCreate a firewall rule that allows access from the remote endpoint to the resources behind the FortiGate.

Show Suggested Answer

Suggested Answer: A, D

To ensure that unnecessary multicast traffic is pruned from links that do not have a multicast listener, you must disable IGMP flood traffic on the ICL trunks and enable IGMP flood reports on the ISL and FortiLink trunks.

Disabling IGMP flood traffic will prevent the FortiSwitch units from flooding multicast traffic to all ports on the ICL trunks. This will help to reduce unnecessary multicast traffic on the network.

Enabling IGMP flood reports will allow the FortiSwitch units to learn which ports are interested in receiving multicast traffic. This will help the FortiSwitch units to prune multicast traffic from links that do not have a multicast listener.

by Nelida at Aug 06, 2023, 03:42 AM

Limited Time Offer

25%

Off

Get Premium NSE8_812 Questions as Interactive Web-Based Practice Test or PDF