ExamGecko
Home / Fortinet / FCP_FWB_AD-7.4 / List of questions
Ask Question

Fortinet FCP_FWB_AD-7.4 Practice Test - Questions Answers

Add to Whishlist

List of questions

Question 1

Report Export Collapse

Which high availability mode is commonly used to integrate with a traffic distributer like FortiADC?

Cold standby

Cold standby

Load sharing

Load sharing

Active-Active

Active-Active

Active-Passive

Active-Passive

Suggested answer: C
Explanation:

In Fortinet's high availability (HA) configurations, integrating FortiWeb with a traffic distributor like FortiADC is best achieved using the Active-Active HA mode. This mode allows multiple FortiWeb appliances to operate simultaneously, distributing traffic loads and enhancing both performance and redundancy.

FortiWeb supports several HA modes:

Active-Passive: One appliance actively handles all traffic, while the other remains on standby, ready to take over if the active unit fails.

Active-Active: Multiple appliances actively process traffic concurrently, sharing the load and providing redundancy.

High Volume Active-Active: An enhanced version of Active-Active, designed for environments with exceptionally high traffic volumes.

When integrating with a traffic distributor like FortiADC, the Active-Active mode is particularly advantageous. FortiADC can intelligently distribute incoming traffic across multiple active FortiWeb appliances, optimizing resource utilization and ensuring high availability. This setup not only balances the load but also provides fault tolerance; if one appliance becomes unavailable, FortiADC can redirect traffic to the remaining active units without service interruption.

This collaborative approach between FortiWeb and FortiADC ensures that web applications remain secure, performant, and resilient against failures.

asked 19/03/2025
ce temp2
51 questions

Question 2

Report Export Collapse

Under which two circumstances does FortiWeb use its own certificates? (Choose two.)

Connecting to browser clients using SSL

Connecting to browser clients using SSL

Making a secondary HTTPS connection to a server where FortiWeb acts as a client

Making a secondary HTTPS connection to a server where FortiWeb acts as a client

Routing an HTTPS connection to a FortiGate

Routing an HTTPS connection to a FortiGate

An administrator session connecting to the GUI using HTTPS

An administrator session connecting to the GUI using HTTPS

Suggested answer: B, D
Explanation:

Making a secondary HTTPS connection to a server where FortiWeb acts as a client: When FortiWeb needs to connect to an external server via HTTPS (acting as a client), it may use its own certificates for that connection.

An administrator session connecting to the GUI using HTTPS: FortiWeb uses its own certificates to secure the HTTPS connection between the administrator and the FortiWeb GUI. This ensures secure access for management purposes.

asked 19/03/2025
Duane Innmon
29 questions

Question 3

Report Export Collapse

You are using HTTP content routing on FortiWeb. You want requests for web application A to be forwarded to a cluster of web servers, which all host the same web application. You want requests for web application B to be forwarded to a different, single web server.

Which statement regarding this solution is true?

You must chain policies so that all requests go to the virtual server for policy A first, and then redirect requests for web application B to go to the virtual server for policy B

You must chain policies so that all requests go to the virtual server for policy A first, and then redirect requests for web application B to go to the virtual server for policy B

You must create static routes on the FortiWebto allow these requests.

You must create static routes on the FortiWebto allow these requests.

You must put the single web server for application B into a server pool and use it with HTTP content routing.

You must put the single web server for application B into a server pool and use it with HTTP content routing.

The server policy always applies the same web protection profile to both web application A and web application B.

The server policy always applies the same web protection profile to both web application A and web application B.

Suggested answer: C
Explanation:

To forward requests for web application B to a single web server, you would configure FortiWeb to use HTTP content routing and create a server pool specifically for web application B. In FortiWeb, server pools are used to group servers together based on application requirements, and you can configure the pool to contain only a single web server for application B.

asked 19/03/2025
Carlos Almeida Fernandes
39 questions

Question 4

Report Export Collapse

What are two results of enabling monitor mode on FortiWeb? (Choose two.)

It does not affect denial-of-service (DoS) protection profile actions to rate limit traffic.

It does not affect denial-of-service (DoS) protection profile actions to rate limit traffic.

It uses the default action for all profiles and, depending on the configuration, blocks or allows traffic.

It uses the default action for all profiles and, depending on the configuration, blocks or allows traffic.

It does not affect any HTML rewriting or redirection actions in web protection profiles.

It does not affect any HTML rewriting or redirection actions in web protection profiles.

It overrides all usual profile actions. FortiWeb accepts all requests and generates alert email or log messages only for violations.

It overrides all usual profile actions. FortiWeb accepts all requests and generates alert email or log messages only for violations.

Suggested answer: A, D
Explanation:

It does not affect denial-of-service (DoS) protection profile actions to rate limit traffic: Monitor mode allows FortiWeb to monitor traffic without impacting the protection profile actions, including rate limiting in the DoS protection profiles. Traffic will still be subjected to DoS protection actions like rate limiting, but FortiWeb will not block traffic unless a violation occurs.

It overrides all usual profile actions. FortiWeb accepts all requests and generates alert email or log messages only for violations: In monitor mode, FortiWeb will allow all traffic through and generate logs or alerts for any violations, but it will not take active actions like blocking requests or redirecting traffic. This allows you to observe the traffic patterns and potential threats without disrupting normal operations.

asked 19/03/2025
Jaime Ramirez
34 questions

Question 5

Report Export Collapse

Which implementation is most suited for a deployment that must meet PCI DSS compliance criteria?

SSL offloading with FortiWeb in reverse proxy mode

SSL offloading with FortiWeb in reverse proxy mode

SSL offloading with FortiWeb in PCI DSS mode

SSL offloading with FortiWeb in PCI DSS mode

SSL offloading with FortiWeb in transparency mode

SSL offloading with FortiWeb in transparency mode

SSL offloading with FortiWeb in full transparent proxy mode

SSL offloading with FortiWeb in full transparent proxy mode

Suggested answer: B
Explanation:

The Payment Card Industry Data Security Standard (PCI DSS) sets forth security requirements to protect cardholder data. Requirement 6.6 specifically mandates that public-facing web applications be protected against known attacks by either:Exclusive Networks+3Gordion+3layer7solutions.com+3

Reviewing applications via manual or automated vulnerability security assessment tools or methods, at least annually and after any changes.

Installing an automated technical solution that detects and prevents web-based attacks, such as a web application firewall (WAF), in front of public-facing web applications to continually inspect all traffic.

FortiWeb, Fortinet's web application firewall, offers various deployment modes to protect web applications:

Reverse Proxy Mode: FortiWeb acts as an intermediary, terminating client sessions and initiating sessions to the backend servers. This mode provides comprehensive protection and allows for features like SSL offloading, URL rewriting, and advanced routing capabilities.

Transparent Mode: FortiWeb operates at Layer 2, inspecting traffic without modifying it, making it invisible to both clients and servers. This mode simplifies deployment as it doesn't require changes to the existing network topology.

Full Transparent Proxy Mode: Combines aspects of both reverse proxy and transparent modes, providing inspection and modification capabilities while remaining transparent to network devices.

PCI DSS Mode: A specialized deployment tailored to meet PCI DSS compliance requirements. This mode ensures that FortiWeb is configured with security policies and features aligned with PCI DSS standards, offering robust protection against threats targeting cardholder data.

Given the need to meet PCI DSS compliance criteria, deploying FortiWeb in PCI DSS mode is the most appropriate choice. This mode is specifically designed to align with PCI DSS requirements, ensuring that all necessary security measures are in place to protect cardholder data

asked 19/03/2025
Mario Perez Hervas
40 questions

Question 6

Report Export Collapse

Review the following configuration:

Fortinet FCP_FWB_AD-7.4 image Question 6 63878006384384717552665

What are two routing behaviors that you can expect on FortiWeb after this configuration change? (Choose two.)

Non-HTTP traffic routed through the FortiWeb is allowed.

Non-HTTP traffic routed through the FortiWeb is allowed.

IPv6 routing is enabled.

IPv6 routing is enabled.

Non-HTTP traffic destined to the FortiWeb virtual server IP address is dropped.

Non-HTTP traffic destined to the FortiWeb virtual server IP address is dropped.

Only ICMP traffic is allowed. All other traffic is dropped.

Only ICMP traffic is allowed. All other traffic is dropped.

Suggested answer: A, C
Explanation:

FortiWeb is primarily designed to handle HTTP and HTTPS traffic, protecting web applications from various threats. By default, when operating in reverse proxy mode, FortiWeb does not forward non-HTTP/HTTPS protocols to protected servers. However, administrators can configure FortiWeb to handle non-HTTP/HTTPS traffic differently using the config router setting command. This command allows enabling IP-based forwarding (routing) for non-HTTP/HTTPS traffic. When enabled, FortiWeb can route non-HTTP traffic through itself to the appropriate backend servers.

Despite this capability, any non-HTTP/HTTPS traffic that is destined directly for a FortiWeb virtual server IP address is dropped. This means that while FortiWeb can be configured to forward non-HTTP/HTTPS traffic to backend servers, it will not process non-HTTP/HTTPS traffic targeted at its own virtual server IPs.

Regarding IPv6 routing, FortiWeb does support IPv6 in various operation modes, including reverse proxy, offline inspection, and transparent inspection. However, enabling IPv6 routing requires specific configurations and is not automatically enabled by default.

asked 19/03/2025
Alex Pilallis
49 questions

Question 7

Report Export Collapse

An attacker attempts to send an SQL injection attack containing the known attack string 'root'; -- through an API call.

Which FortiWeb inspection feature will be able to detect this attack the quickest?

Become a Premium Member for full access
  Unlock Premium Member

Question 8

Report Export Collapse

Refer to the exhibit.

Fortinet FCP_FWB_AD-7.4 image Question 8 63878006384415967233147

What are two additional configuration elements that you must be configure for this API gateway? (Choose two.)

Become a Premium Member for full access
  Unlock Premium Member

Question 9

Report Export Collapse

Which would be a reason to implement HTTP rewriting?

Become a Premium Member for full access
  Unlock Premium Member

Question 10

Report Export Collapse

What is the difference between an API gateway protection schema and a machine learning (ML) API protection schema?

Become a Premium Member for full access
  Unlock Premium Member
Total 36 questions
Go to page: of 4