ExamGecko
Login
Home / Fortinet / NSE6_FWB-6.4 / List of questions
Ask Question

Fortinet NSE6_FWB-6.4 Practice Test - Questions Answers

List of questions

Question 1

Report Export Collapse

Review the following configuration:

Fortinet NSE6_FWB-6.4 image Question 1 26833 09182024190643000000

What is the expected result of this configuration setting?

When machine learning (ML) is in its collecting phase, FortiWeb will accept an unlimited number of samples from the same source IP address.
When machine learning (ML) is in its collecting phase, FortiWeb will accept an unlimited number of samples from the same source IP address.
When machine learning (ML) is in its running phase, FortiWeb will accept an unlimited number of samples from the same source IP address.
When machine learning (ML) is in its running phase, FortiWeb will accept an unlimited number of samples from the same source IP address.
When machine learning (ML) is in its collecting phase, FortiWeb will not accept any samples from any source IP addresses.
When machine learning (ML) is in its collecting phase, FortiWeb will not accept any samples from any source IP addresses.
When machine learning (ML) is in its running phase, FortiWeb will accept a set number of samples from the same source IP address.
When machine learning (ML) is in its running phase, FortiWeb will accept a set number of samples from the same source IP address.
Suggested answer: A
asked 18/09/2024
Srinivasan Kumaresan
36 questions

Question 2

Report Export Collapse

Which two statements about the anti-defacement feature on FortiWeb are true? (Choose two.)

Anti-defacement can redirect users to a backup web server, if it detects a change.
Anti-defacement can redirect users to a backup web server, if it detects a change.
Anti-defacement downloads a copy of your website to RAM, in order to restore a clean image, if it detects defacement.
Anti-defacement downloads a copy of your website to RAM, in order to restore a clean image, if it detects defacement.
FortiWeb will only check to see if there are changes on the web server; it will not download the whole file each time.
FortiWeb will only check to see if there are changes on the web server; it will not download the whole file each time.
Anti-defacement does not make a backup copy of your databases.
Anti-defacement does not make a backup copy of your databases.
Suggested answer: C, D
Explanation:

Anti-defacement backs up web pages only,notdatabases.

If it detects any file changes, theFortiWebappliance will download a new backup revision.

asked 18/09/2024
Josh Rose
40 questions

Question 3

Report Export Collapse

What role does FortiWeb play in ensuring PCI DSS compliance?

PCI specifically requires a WAF
PCI specifically requires a WAF
Provides credit card processing capabilities
Provides credit card processing capabilities
Provide ability to securely process cash transactions
Provide ability to securely process cash transactions
Provides load balancing between multiple web servers
Provides load balancing between multiple web servers
Suggested answer: A
Explanation:

FortiWeb helps you meet all PCI requirements, but PCI now specifically recommends using a WAF, and developing remediations against the top 10 vulnerabilities, according to OWASP.

asked 18/09/2024
Elena Albu
38 questions

Question 4

Report Export Collapse

Which operation mode does not require additional configuration in order to allow FTP traffic to your web server?

Offline Protection
Offline Protection
Transparent Inspection
Transparent Inspection
True Transparent Proxy
True Transparent Proxy
Reverse-Proxy
Reverse-Proxy
Suggested answer: B
asked 18/09/2024
Lyboth Ntsana
43 questions

Question 5

Report Export Collapse

Which implementation is best suited for a deployment that must meet compliance criteria?

SSL Inspection with FortiWeb in Transparency mode
SSL Inspection with FortiWeb in Transparency mode
SSL Offloading with FortiWeb in reverse proxy mode
SSL Offloading with FortiWeb in reverse proxy mode
SSL Inspection with FrotiWeb in Reverse Proxy mode
SSL Inspection with FrotiWeb in Reverse Proxy mode
SSL Offloading with FortiWeb in Transparency Mode
SSL Offloading with FortiWeb in Transparency Mode
Suggested answer: C
asked 18/09/2024
Henry Hendricks
26 questions

Question 6

Report Export Collapse

Which of the following FortiWeb features is part of the mitigation tools against OWASP A4 threats?

Sensitive info masking
Sensitive info masking
Poison Cookie detection
Poison Cookie detection
Session Management
Session Management
Brute Force blocking
Brute Force blocking
Suggested answer: C
asked 18/09/2024
Mustafa Hussien
41 questions

Question 7

Report Export Collapse

What capability can FortiWeb add to your Web App that your Web App may or may not already have?

Automatic backup and recovery
Automatic backup and recovery
High Availability
High Availability
HTTP/HTML Form Authentication
HTTP/HTML Form Authentication
SSL Inspection
SSL Inspection
Suggested answer: C
asked 18/09/2024
Wilfried Bret
30 questions

Question 8

Report Export Collapse

What must you do with your FortiWeb logs to ensure PCI DSS compliance?

Store in an off-site location
Store in an off-site location
Erase them every two weeks
Erase them every two weeks
Enable masking of sensitive data
Enable masking of sensitive data
Compress them into a .zip file format
Compress them into a .zip file format
Suggested answer: C
asked 18/09/2024
Sergio Pena Ochoa
36 questions

Question 9

Report Export Collapse

What role does FortiWeb play in ensuring PCI DSS compliance?

It provides the ability to securely process cash transactions.
It provides the ability to securely process cash transactions.
It provides the required SQL server protection.
It provides the required SQL server protection.
It provides the WAF required by PCI.
It provides the WAF required by PCI.
It provides credit card processing capabilities.
It provides credit card processing capabilities.
Suggested answer: C
asked 18/09/2024
Krishna Mody
37 questions

Question 10

Report Export Collapse

Refer to the exhibit.

Fortinet NSE6_FWB-6.4 image Question 10 26842 09182024190643000000

There is only one administrator account configured on FortiWeb. What must an administrator do to restrict any brute force attacks that attempt to gain access to the FortiWeb management GUI?

Delete the built-in administrator user and create a new one.
Delete the built-in administrator user and create a new one.
Configure IPv4 Trusted Host # 3 with a specific IP address.
Configure IPv4 Trusted Host # 3 with a specific IP address.
The configuration changes must be made on the upstream device.
The configuration changes must be made on the upstream device.
Change the Access Profile to Read_Only.
Change the Access Profile to Read_Only.
Suggested answer: B
asked 18/09/2024
najim faryabi
29 questions
Total 56 questions
Go to page: of 6
Open VPLUS File
Convert VPLUS to PDF

Related questions

The FortiWeb machine learning (ML) feature is a two-phase analysis mechanism. Which two functions does the first layer perform? (Choose two.)
You've configured an authentication rule with delegation enabled on FortiWeb. What happens when a user tries to access the web application?
In which scenario might you want to use the compression feature on FortiWeb?
True transparent proxy mode is best suited for use in which type of environment?
Which is true about HTTPS on FortiWeb? (Choose three.)
You are using HTTP content routing on FortiWeb. Requests for web app A should be forwarded to a cluster of web servers which all host the same web app. Requests for web app B should be forwarded to a different, single web server. Which is true about the solution?
Refer to the exhibit. Many legitimate users are being identified as bots. FortiWeb bot detection has been configured with the settings shown in the exhibit. The FortiWeb administrator has already verified that the current model is accurate. What can the administrator do to fix this problem, making sure that real bots are not allowed through FortiWeb?
A client is trying to start a session from a page that would normally be accessible only after the client has logged in. When a start page rule detects the invalid session access, what can FortiWeb do? (Choose three.)
In which two operating modes can FortiWeb modify HTTP packets? (Choose two.)
Which algorithm is used to build mathematical models for bot detection?