nerdexam
Fortinet

NSE8_812 · Question #151

NSE8_812 Question #151: Real Exam Question with Answer & Explanation

Sign in or unlock NSE8_812 to reveal the answer and full explanation for question #151. The question stem and answer options stay visible for context.

Question

A company wants to protect against Denial of Service attacks and has launched a new project. They want to block DoS attacks that go above a certain threshold and for some others they are just trying to get a baseline of activity for those types of attacks so they are letting the traffic pass through without action. Given the following: - The interface to the Internet is on WAN1. - There is no requirement to specify which addresses are being protected or protected from. - The protected is to extend to all services. - The tcp_syn_flood attacks are to be recorded and blocked. - The udp_flood attacks are to be recorded but not blocked. - The tcp_syn_flood attack's threshold is to be changed from the default to 1000. The exhibit shows the current DoS-policy. Which policy will implement the project requirements?

Options

  • Aconfig firewall DoS-policy edit 1 set status enable set interface "wan1" set srcaddr "all" set dstaddr "all" set service "ALL TCP" "ALL UDP" config anomaly edit "tcp_syn_flood" set status enable set log enable set action block set threshold 1000 next edit "udp_flood" set status enable set log enable set threshold 1000 next end
  • Bconfig firewall DoS-policy edit 1 set status enable set interface "wan1" set srcaddr "all" set dstaddr "all" set service "ALL TCP" "ALL UDP" config anomaly edit "tcp_syn_flood" set status enable set log enable set action block set threshold 1000 next edit "udp_flood" set status enable set log enable set threshold 2000 next end
  • Cconfig firewall DoS-policy edit 1 set status enable set interface "wan1" set srcaddr "all" set dstaddr "all" set service "ALL TCP" "ALL UDP" config anomaly edit "tcp_syn_flood" set status enable set log enable set action block set threshold 1000 next edit "udp_flood" set log enable set status enable set action block set threshold 1000 next end
  • Dconfig firewall DoS-policy edit 1 set status enable set interface "wan1" set srcaddr "all" set dstaddr "all" set service "ALL TCP" "ALL UDP" config anomaly edit "tcp_syn_flood" set status enable set log enable set action block set threshold 2000 next edit "udp_flood" set status enable set log enable set threshold 2000 next end

Unlock NSE8_812 to see the answer

You've previewed enough free NSE8_812 questions. Unlock NSE8_812 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.

Unlock NSE8_812 - $49.99 / 30 daysSign in
Full NSE8_812 Practice