NSE8_811 Exam Questions & Answers

You are building a FortiGate cluster which is stretched over two locations. The HA connections for the cluster are terminated on the local switches in the data centers. Once the FortiGate devices have booted, they do not form a cluster. The network operators inform you that CRC errors are present on the switches where the FortiGate devices are connected.

What should you do to solve this problem?

A. Set the speed/duplex setting to 1 Gbps / Full Duplex.

B. Replace the cables where the CRC errors occur.

C. Place the HA interfaces in dedicated VLANs.

D. Change the ethertype for the HA packets.

Refer to the exhibit.

A FortiGate device is configured to authenticate SSL VPN users using digital certificates. A partial FortiGate configuration is shown in the exhibit.

Referring to the exhibit, which two statements about this configuration are true? (Choose two.)

A. The authentication will fail if the user certificate does not contain the user principal name (UPN) information.

B. The authentication will fail if the user certificate does not contain the CA_Cert string in the CA field.

C. The authentication will fail if the OCSP server is down.

D. OCSP is used to verify that the user-signed certificate has not expired.

Refer to the exhibit.

You are trying to configure Link-Aggregation Group (LAG), but ports A and B do not appear on the list of member options.

Referring to the exhibit, which statement is correct in this situation?

A. The FortiGate interfaces are defective and require replacement.

B. The FortiGate model does not have an Integrated Switch Fabric (ISF).

C. The FortiGate model being used does not support LAG.

D. The FortiGate SFP+ slot does not have the correct module.