
Fortinet NSE6_FWB-6.4 Practice Test - Questions Answers

Review the following configuration:

What is the expected result of this configuration setting?

A. When machine learning (ML) is in its collecting phase, FortiWeb will accept an unlimited number of samples from the same source IP address.
B. When machine learning (ML) is in its running phase, FortiWeb will accept an unlimited number of samples from the same source IP address.
C. When machine learning (ML) is in its collecting phase, FortiWeb will not accept any samples from any source IP addresses.
D. When machine learning (ML) is in its running phase, FortiWeb will accept a set number of samples from the same source IP address.
Suggested answer: A

Which two statements about the anti-defacement feature on FortiWeb are true? (Choose two.)

A. Anti-defacement can redirect users to a backup web server, if it detects a change.
B. Anti-defacement downloads a copy of your website to RAM, in order to restore a clean image, if it detects defacement.
C. FortiWeb will only check to see if there are changes on the web server; it will not download the whole file each time.
D. Anti-defacement does not make a backup copy of your databases.
Suggested answer: C, D

Explanation:

Anti-defacement backs up web pages only, not databases.

If it detects any file changes, the FortiWeb appliance will download a new backup revision.

What role does FortiWeb play in ensuring PCI DSS compliance?

A. PCI specifically requires a WAF
B. Provides credit card processing capabilities
C. Provide ability to securely process cash transactions
D. Provides load balancing between multiple web servers
Suggested answer: A

Explanation:

FortiWeb helps you meet all PCI requirements, but PCI now specifically recommends using a WAF, and developing remediations against the top 10 vulnerabilities, according to OWASP.

Which operation mode does not require additional configuration in order to allow FTP traffic to your web server?

A. Offline Protection
B. Transparent Inspection
C. True Transparent Proxy
D. Reverse-Proxy
Suggested answer: B

Which implementation is best suited for a deployment that must meet compliance criteria?

A. SSL Inspection with FortiWeb in Transparency mode
B. SSL Offloading with FortiWeb in reverse proxy mode
C. SSL Inspection with FortiWeb in Reverse Proxy mode
D. SSL Offloading with FortiWeb in Transparency Mode
Suggested answer: C

Which of the following FortiWeb features is part of the mitigation tools against OWASP A4 threats?

A. Sensitive info masking
B. Poison Cookie detection
C. Session Management
D. Brute Force blocking
Suggested answer: C

What capability can FortiWeb add to your Web App that your Web App may or may not already have?

A. Automatic backup and recovery
B. High Availability
C. HTTP/HTML Form Authentication
D. SSL Inspection
Suggested answer: C

What must you do with your FortiWeb logs to ensure PCI DSS compliance?

A. Store in an off-site location
B. Erase them every two weeks
C. Enable masking of sensitive data
D. Compress them into a .zip file format
Suggested answer: C

What role does FortiWeb play in ensuring PCI DSS compliance?

A. It provides the ability to securely process cash transactions.
B. It provides the required SQL server protection.
C. It provides the WAF required by PCI.
D. It provides credit card processing capabilities.
Suggested answer: C

Refer to the exhibit.

There is only one administrator account configured on FortiWeb. What must an administrator do to restrict any brute force attacks that attempt to gain access to the FortiWeb management GUI?

A. Delete the built-in administrator user and create a new one.
B. Configure IPv4 Trusted Host # 3 with a specific IP address.
C. The configuration changes must be made on the upstream device.
D. Change the Access Profile to Read_Only.
Suggested answer: B
Total 56 questions