BlackFriday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Fortinet Exam NSE8_812 Topic 3 Question 33 Discussion

Actual exam question for Fortinet's NSE8_812 exam
Question #: 33
Topic #: 3
[All NSE8_812 Questions]

A remote worker requests access to an SSH server inside the network. You deployed a ZTNA Rule to their FortiClient. You need to follow the security requirements to inspect this traffic.

Which two statements are true regarding the requirements? (Choose two.)

Show Suggested Answer Hide Answer
Suggested Answer: A, C

ZTNA supports SSH connection rules that allow remote workers to access SSH servers inside the network through an HTTPS tunnel between the client and the access proxy (FortiGate). The access proxy acts as an SSH client to connect to the real SSH server on behalf of the user, and performs host-key validation to verify the identity of the server. The user can use any SSH client that supports HTTPS proxy settings, such as PuTTY or OpenSSH. References: https://docs.fortinet.com/document/fortigate/7.0.0/ztna-deployment/899992/configuring-ztna-rules-to-control-access


by Allene at Sep 14, 2024, 02:31 PM

Limited Time Offer

25%

Off

Get Premium NSE8_812 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Shantay
25 days ago
Haha, option D is like saying ZTNA can't even handle SSH traffic. That's a good one!
upvoted 0 times
Lenora
3 days ago
User 2: I agree. We just need to make sure we follow the security requirements for inspecting the traffic.
upvoted 0 times
...
Dean
11 days ago
Yeah, option D is pretty funny. ZTNA should be able to handle SSH traffic.
upvoted 0 times
...
...
Aracelis
29 days ago
D is definitely wrong, ZTNA should support SSH connection rules. I'd go with A and C as the true statements.
upvoted 0 times
Glennis
4 days ago
Let's make sure to follow the security requirements and configure the FortiClient properly for inspecting the SSH traffic.
upvoted 0 times
...
Antonio
8 days ago
I think A and C are the true statements. FortiGate can perform SSH access proxy host-key validation and SSH traffic is tunneled over HTTPS.
upvoted 0 times
...
Jules
9 days ago
I agree, D is definitely wrong. ZTNA should support SSH connection rules.
upvoted 0 times
...
...
Ailene
1 months ago
I think A and C are the correct answers. The FortiGate can validate the SSH host-key and the traffic is tunneled over HTTPS, which aligns with ZTNA security requirements.
upvoted 0 times
...
Matthew
1 months ago
I'm not sure about option B. Do we really need to configure a FortiClient SSL-VPN tunnel to inspect the SSH traffic?
upvoted 0 times
...
Mireya
1 months ago
Option C makes the most sense to me. ZTNA should support tunneling the SSH traffic over HTTPS for secure access.
upvoted 0 times
Margot
12 days ago
Yes, it's important to follow security requirements when granting access to an SSH server.
upvoted 0 times
...
Vince
13 days ago
I agree, tunneling SSH traffic over HTTPS adds an extra layer of security.
upvoted 0 times
...
Stevie
14 days ago
Option C makes the most sense to me. ZTNA should support tunneling the SSH traffic over HTTPS for secure access.
upvoted 0 times
...
...
Barney
1 months ago
I agree with Ozell. Option C is also true because SSH traffic is tunneled between the client and the access proxy over HTTPS.
upvoted 0 times
...
Ozell
2 months ago
I think option A is true because FortiGate can perform SSH access proxy host-key validation.
upvoted 0 times
...

Save Cancel