ExamTopics Logo
Mail Us[email protected]
Menu
Fortinet Discussions
exam questions

Exam NSE8 All Questions

View all questions & answers for the NSE8 exam
Go to Exam

Exam NSE8 topic 1 question 6 discussion

Actual exam question from Fortinet's NSE8
Question #: 6
Topic #: 1
[All NSE8 Questions]

A company wants to protect against Denial of Service attacks and has launched a new project. They want to block the attacks that go above a certain threshold and for some others they are just trying to get a baseline of activity for those types of attacks so they are letting the traffic pass through without action. Given the following:
- The interface to the Internet is on WAN1.
- There is no requirement to specify which addresses are being protected or protected from.
- The protection is to extend to all services.
- The tcp_syn_flood attacks are to be recorded and blocked.
- The udp_flood attacks are to be recorded but not blocked.
- The tcp_syn_flood attacks threshold is to be changed from the default to 1000.
The exhibit shows the current DoS-policy.

Which policy will implement the project requirements?
A)


B)

C)

D)

  • A. Option A
  • B. Option B
  • C. Option C
  • D. Option D
Show Suggested Answer Hide Answer
Suggested Answer: BD 🗳️
B&D both have same policy which fulfills the above criteria.
http://help.fortinet.com/fos50hlp/52data/Content/FortiOS/fortigate-firewall-52/Examples/Example-%20DoS%20Policy.htm
by atseif at Feb. 4, 2022, 9:03 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Frgaa
2 years, 6 months ago
"They want to block the attacks..." so log is not needed. B is OK too.
upvoted 1 times
...
atseif
3 years, 3 months ago
It should be B only, on D option tcp_sync_flood log not enabled, hence D option not meet requirement
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago