Fortinet NSE6_FWB-6.4 Practice Test - Questions Answers, Page 3

Question 21

A client is trying to start a session from a page that would normally be accessible only after the client has logged in.

When a start page rule detects the invalid session access, what can FortiWeb do? (Choose three.)

A. Display an access policy message, then allow the client to continue
B. Redirect the client to the login page
C. Allow the page access, but log the violation
D. Prompt the client to authenticate
E. Reply with a 403 Forbidden HTTP error
Suggested answer: B, C, E
asked 18/09/2024
Nichal Maharaj
49 questions

Question 22

Refer to the exhibit.

[Exhibit image not included]

Many legitimate users are being identified as bots. FortiWeb bot detection has been configured with the settings shown in the exhibit. The FortiWeb administrator has already verified that the current model is accurate.

What can the administrator do to fix this problem, making sure that real bots are not allowed through FortiWeb?

A. Change Model Type to Strict
B. Change Action under Action Settings to Alert
C. Disable Dynamically Update Model
D. Enable Bot Confirmation
Suggested answer: D
Explanation:

Bot Confirmation

If the number of anomalies from a user has reached the Anomaly Count, the system executes Bot Confirmation before taking actions.

The Bot Confirmation is to confirm if the user is indeed a bot. The system sends RBE (Real Browser Enforcement) JavaScript or CAPTCHA to the client to double check if it's a real bot.

asked 18/09/2024
zulmaidi mr
43 questions

Question 23

What can an administrator do if a client has been incorrectly period blocked?

A. Nothing, it is not possible to override a period block.
B. Manually release the IP address from the temporary blacklist.
C. Force a new IP address to the client.
D. Disconnect the client from the network.
Suggested answer: B
Explanation:

Block Period

Enter the number of seconds that you want to block the requests. The valid range is 1-3,600 seconds. The default value is 60 seconds.

This option only takes effect when you choose Period Block in Action.

Note: That's a temporary blacklist so you can manually release them from the blacklist.

asked 18/09/2024
Alexander Goris
30 questions

Question 24

Which regex expression is the correct format for redirecting the URL http://www.example.com?

A. www\.example\.com
B. www.example.com
C. www\example\com
D. www/.example/.com
Suggested answer: B
Explanation:

\1://www.company.com/\2/\3

asked 18/09/2024
Judith Persons
48 questions

Question 25

When FortiWeb triggers a redirect action, which two HTTP codes does it send to the client to inform the browser of the new URL? (Choose two.)

A. 403
B. 302
C. 301
D. 404
Suggested answer: B, C
asked 18/09/2024
Stefan Hupfloher
55 questions

Question 26

True transparent proxy mode is best suited for use in which type of environment?

A. New networks where infrastructure is not yet defined
B. Flexible environments where you can easily change the IP addressing scheme
C. Small office to home office environments
D. Environments where you cannot change the IP addressing scheme
Suggested answer: B
Explanation:

'Because blocking is not guaranteed to succeed in offline mode, this mode is best used during the evaluation and planning phase, early in implementation. Reverse proxy is the most popular operating mode. It can rewrite URLs, offload TLS, load balance, and apply NAT. For very large MSSP, true transparent mode has a significant advantage. You can drop it in without changing any schemes of limited IPv4 space--in transparent mode, you don't need to give IP addresses to the network interfaces on FortiWeb.'

asked 18/09/2024
Koen Poos
47 questions

Question 27

When is it possible to use a self-signed certificate, rather than one purchased from a commercial certificate authority?

A. If you are a small business or home office
B. If you are an enterprise whose employees use only mobile devices
C. If you are an enterprise whose resources do not need security
D. If you are an enterprise whose computers all trust your active directory or other CA server
Suggested answer: D
asked 18/09/2024
Ibiyemi Araoye
45 questions

Question 28

In which scenario might you want to use the compression feature on FortiWeb?

A. When you are serving many corporate road warriors using 4G tablets and phones
B. When you are offering a music streaming service
C. When you want to reduce buffering of video streams
D. Never, since most traffic today is already highly compressed
Suggested answer: A
Explanation:

https://training.fortinet.com/course/view.php?id=3363

When might you want to use the compression feature on FortiWeb? When you are serving many road warriors who are using 4G tablets and phones

asked 18/09/2024
Vishal Gandhi
41 questions

Question 29

The FortiWeb machine learning (ML) feature is a two-phase analysis mechanism.

Which two functions does the first layer perform? (Choose two.)

A. Determines whether an anomaly is a real attack or just a benign anomaly that should be ignored
B. Builds a threat model behind every parameter and HTTP method
C. Determines if a detected threat is a false-positive or not
D. Determines whether traffic is an anomaly, based on observed application traffic over time
Suggested answer: B, D
Explanation:

The first layer uses the Hidden Markov Model (HMM) and monitors access to the application and collects data to build a mathematical model behind every parameter and HTTP method.

asked 18/09/2024
Mark Green
55 questions

Question 30

In which two operating modes can FortiWeb modify HTTP packets? (Choose two.)

A. Offline protection
B. Transparent inspection
C. True transparent proxy
D. Reverse proxy
Suggested answer: C, D
asked 18/09/2024
Jesse Moisio
53 questions
Total 56 questions