ExamGecko
Search Search Login
Home Home / Fortinet / NSE6_FWB-6.4

Fortinet NSE6_FWB-6.4 Practice Test - Questions Answers, Page 2

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

True transparent proxy mode is best suited for use in which type of environment?
You've configured an authentication rule with delegation enabled on FortiWeb. What happens when a user tries to access the web application?
Which algorithm is used to build mathematical models for bot detection?
You are using HTTP content routing on FortiWeb. Requests for web app A should be forwarded to a cluster of web servers which all host the same web app. Requests for web app B should be forwarded to a different, single web server. Which is true about the solution?
In which scenario might you want to use the compression feature on FortiWeb?
Which is true about HTTPS on FortiWeb? (Choose three.)
Refer to the exhibit. Many legitimate users are being identified as bots. FortiWeb bot detection has been configured with the settings shown in the exhibit. The FortiWeb administrator has already verified that the current model is accurate. What can the administrator do to fix this problem, making sure that real bots are not allowed through FortiWeb?
When integrating FortiWeb and FortiAnalyzer, why is the selection for FortiWeb Version critical? (Choose two)
In which two operating modes can FortiWeb modify HTTP packets? (Choose two.)
The FortiWeb machine learning (ML) feature is a two-phase analysis mechanism. Which two functions does the first layer perform? (Choose two.)

Question 11

Report
Export
Collapse

What key factor must be considered when setting brute force rate limiting and blocking?

A.
A single client contacting multiple resources
A.
A single client contacting multiple resources
Answers
B.
Multiple clients sharing a single Internet connection
B.
Multiple clients sharing a single Internet connection
Answers
C.
Multiple clients from geographically diverse locations
C.
Multiple clients from geographically diverse locations
Answers
D.
Multiple clients connecting to multiple resources
D.
Multiple clients connecting to multiple resources
Answers
Suggested answer: B

Explanation:

https://training.fortinet.com/course/view.php?id=3363 What is one key factor that you must consider when setting brute force rate limiting and blocking? Multiple clients sharing a single Internet connection

Question 12

Report
Export
Collapse

Refer to the exhibits.

FortiWeb is configured in reverse proxy mode and it is deployed downstream to FortiGate. Based on the configuration shown in the exhibits, which of the following statements is true?

A.
FortiGate should forward web traffic to the server pool IP addresses.
A.
FortiGate should forward web traffic to the server pool IP addresses.
Answers
B.
The configuration is incorrect. FortiWeb should always be located upstream to FortiGate.
B.
The configuration is incorrect. FortiWeb should always be located upstream to FortiGate.
Answers
C.
You must disable the Preserve Client IP setting on FotriGate for this configuration to work.
C.
You must disable the Preserve Client IP setting on FotriGate for this configuration to work.
Answers
D.
FortiGate should forward web traffic to virtual server IP address.
D.
FortiGate should forward web traffic to virtual server IP address.
Answers
Suggested answer: D

Question 13

Report
Export
Collapse

Which two statements about running a vulnerability scan are true? (Choose two.)

A.
You should run the vulnerability scan during a maintenance window.
A.
You should run the vulnerability scan during a maintenance window.
Answers
B.
You should run the vulnerability scan in a test environment.
B.
You should run the vulnerability scan in a test environment.
Answers
C.
Vulnerability scanning increases the load on FortiWeb, so it should be avoided.
C.
Vulnerability scanning increases the load on FortiWeb, so it should be avoided.
Answers
D.
You should run the vulnerability scan on a live website to get accurate results.
D.
You should run the vulnerability scan on a live website to get accurate results.
Answers
Suggested answer: A, B

Explanation:

Should the Vulnerability Scanner allow it, SVMS will set the scan schedule (or schedules) to run in a maintenance window. SVMS will advise Client of the scanner's ability to complete the scan(s) within the maintenance window.

Vulnerabilities on live web sites. Instead, duplicate the web site and its database in a test environment.

https://help.fortinet.com/fweb/552/Content/FortiWeb/fortiweb-admin/vulnerability_scans.htm

Question 14

Report
Export
Collapse

FortiWeb offers the same load balancing algorithms as FortiGate.

Which two Layer 7 switch methods does FortiWeb also offer? (Choose two.)

A.
Round robin
A.
Round robin
Answers
B.
HTTP session-based round robin
B.
HTTP session-based round robin
Answers
C.
HTTP user-based round robin
C.
HTTP user-based round robin
Answers
D.
HTTP content routes
D.
HTTP content routes
Answers
Suggested answer: A, D

Explanation:

http://fortinet.globalgate.com.ar/pdfs/FortiWeb/FortiWeb_DS.pdf

Question 15

Report
Export
Collapse

Which would be a reason to implement HTTP rewriting?

A.
The original page has moved to a new URL
A.
The original page has moved to a new URL
Answers
B.
To replace a vulnerable function in the requested URL
B.
To replace a vulnerable function in the requested URL
Answers
C.
To send the request to secure channel
C.
To send the request to secure channel
Answers
D.
The original page has moved to a new IP address
D.
The original page has moved to a new IP address
Answers
Suggested answer: B

Explanation:

Create a new URL rewriting rule.

Question 16

Report
Export
Collapse

Refer to the exhibit.

FortiADC is applying SNAT to all inbound traffic going to the servers. When an attack occurs, FortiWeb blocks traffic based on the 192.0.2.1 source IP address, which belongs to FortiADC. The setup is breaking all connectivity and genuine clients are not able to access the servers.

What must the administrator do to avoid this problem? (Choose two.)

A.
Enable the Use X-Forwarded-For setting on FortiWeb.
A.
Enable the Use X-Forwarded-For setting on FortiWeb.
Answers
B.
No Special configuration is required; connectivity will be re-established after the set timeout.
B.
No Special configuration is required; connectivity will be re-established after the set timeout.
Answers
C.
Place FortiWeb in front of FortiADC.
C.
Place FortiWeb in front of FortiADC.
Answers
D.
Enable the Add X-Forwarded-For setting on FortiWeb.
D.
Enable the Add X-Forwarded-For setting on FortiWeb.
Answers
Suggested answer: A, C

Explanation:

Configure your load balancer to insert or append to anX-Forwarded-For:,X-Real-IP:, or other HTTP X-header. Also configureFortiWebto find the original attacker's or client's IP address in that HTTP header

Question 17

Report
Export
Collapse

Which statement about local user accounts is true?

A.
They are best suited for large environments with many users.
A.
They are best suited for large environments with many users.
Answers
B.
They cannot be used for site publishing.
B.
They cannot be used for site publishing.
Answers
C.
They must be assigned, regardless of any other authentication.
C.
They must be assigned, regardless of any other authentication.
Answers
D.
They can be used for SSO.
D.
They can be used for SSO.
Answers
Suggested answer: B

Question 18

Report
Export
Collapse

Refer to the exhibit.

Based on the configuration, what would happen if this FortiWeb were to lose power? (Choose two.)

A.
Traffic that passes between port5 and port6 will be inspected.
A.
Traffic that passes between port5 and port6 will be inspected.
Answers
B.
Traffic will be interrupted between port3 and port4.
B.
Traffic will be interrupted between port3 and port4.
Answers
C.
All traffic will be interrupted.
C.
All traffic will be interrupted.
Answers
D.
Traffic will pass between port5 and port6 uninspected.
D.
Traffic will pass between port5 and port6 uninspected.
Answers
Suggested answer: B, D

Question 19

Report
Export
Collapse

Refer to the exhibit.

FortiWeb is configured to block traffic from Japan to your web application server. However, in the logs, the administrator is seeing traffic allowed from one particular IP address which is geo-located in Japan.

What can the administrator do to solve this problem? (Choose two.)

A.
Manually update the geo-location IP addresses for Japan.
A.
Manually update the geo-location IP addresses for Japan.
Answers
B.
If the IP address is configured as a geo reputation exception, remove it.
B.
If the IP address is configured as a geo reputation exception, remove it.
Answers
C.
Configure the IP address as a blacklisted IP address.
C.
Configure the IP address as a blacklisted IP address.
Answers
D.
If the IP address is configured as an IP reputation exception, remove it.
D.
If the IP address is configured as an IP reputation exception, remove it.
Answers
Suggested answer: B, C

Question 20

Report
Export
Collapse

Which algorithm is used to build mathematical models for bot detection?

A.
HCM
A.
HCM
Answers
B.
SVN
B.
SVN
Answers
C.
SVM
C.
SVM
Answers
D.
HMM
D.
HMM
Answers
Suggested answer: C

Explanation:

FortiWeb uses SVM (Support Vector Machine) algorithm to build up the bot detection model

Total 56 questions
Go to page: of 6
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms