ExamGecko
Search Search Login
Home Home / Fortinet / NSE6_FWB-6.4

Fortinet NSE6_FWB-6.4 Practice Test - Questions Answers, Page 5

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

True transparent proxy mode is best suited for use in which type of environment?
You've configured an authentication rule with delegation enabled on FortiWeb. What happens when a user tries to access the web application?
You are using HTTP content routing on FortiWeb. Requests for web app A should be forwarded to a cluster of web servers which all host the same web app. Requests for web app B should be forwarded to a different, single web server. Which is true about the solution?
In which scenario might you want to use the compression feature on FortiWeb?
Which algorithm is used to build mathematical models for bot detection?
Which is true about HTTPS on FortiWeb? (Choose three.)
Refer to the exhibit. Many legitimate users are being identified as bots. FortiWeb bot detection has been configured with the settings shown in the exhibit. The FortiWeb administrator has already verified that the current model is accurate. What can the administrator do to fix this problem, making sure that real bots are not allowed through FortiWeb?
When integrating FortiWeb and FortiAnalyzer, why is the selection for FortiWeb Version critical? (Choose two)
In which two operating modes can FortiWeb modify HTTP packets? (Choose two.)
The FortiWeb machine learning (ML) feature is a two-phase analysis mechanism. Which two functions does the first layer perform? (Choose two.)

Question 41

Report
Export
Collapse

You are deploying FortiWeb 6.4 in an Amazon Web Services cloud. Which 2 lines of this initial setup via CLI are incorrect? (Choose two.)

A.
6
A.
6
Answers
B.
9
B.
9
Answers
C.
3
C.
3
Answers
D.
2
D.
2
Answers
Suggested answer: A, C

Question 42

Report
Export
Collapse

How does offloading compression to FortiWeb benefit your network?

A.
free up resources on the database server
A.
free up resources on the database server
Answers
B.
Free up resources on the web server
B.
Free up resources on the web server
Answers
C.
reduces file size on the client's storage
C.
reduces file size on the client's storage
Answers
D.
free up resources on the FortiGate
D.
free up resources on the FortiGate
Answers
Suggested answer: B

Question 43

Report
Export
Collapse

When the FortiWeb is configured in Reverse Proxy mode and the FortiGate is configured as an SNAT device, what IP address will the FortiGate's Real Server configuration point at?

A.
Virtual Server IP on the FortiGate
A.
Virtual Server IP on the FortiGate
Answers
B.
Server's real IP
B.
Server's real IP
Answers
C.
FortiWeb's real IP
C.
FortiWeb's real IP
Answers
D.
IP Address of the Virtual Server on the FortiWeb
D.
IP Address of the Virtual Server on the FortiWeb
Answers
Suggested answer: A

Question 44

Report
Export
Collapse

How does your FortiWeb configuration differ if the FortiWeb is upstream of the SNAT device instead of downstream of the SNAT device?

A.
You must enable the ''Use'' X-Forwarded-For: option.
A.
You must enable the ''Use'' X-Forwarded-For: option.
Answers
B.
FortiWeb must be set for Transparent Mode
B.
FortiWeb must be set for Transparent Mode
Answers
C.
No special configuration required
C.
No special configuration required
Answers
D.
You must enable ''Add'' X-Forwarded-For: instead of the ''Use'' X-Forwarded-For: option.
D.
You must enable ''Add'' X-Forwarded-For: instead of the ''Use'' X-Forwarded-For: option.
Answers
Suggested answer: D

Question 45

Report
Export
Collapse

You are using HTTP content routing on FortiWeb. Requests for web app A should be forwarded to a cluster of web servers which all host the same web app. Requests for web app B should be forwarded to a different, single web server.

Which is true about the solution?

A.
Static or policy-based routes are not required.
A.
Static or policy-based routes are not required.
Answers
B.
To achieve HTTP content routing, you must chain policies: the first policy accepts all traffic, and forwards requests for web app A to the virtual server for policy A. It also forwards requests for web app B to the virtual server for policy B. Policy A and Policy B apply their app-specific protection profiles, and then distribute that app's traffic among all members of the server farm.
B.
To achieve HTTP content routing, you must chain policies: the first policy accepts all traffic, and forwards requests for web app A to the virtual server for policy A. It also forwards requests for web app B to the virtual server for policy B. Policy A and Policy B apply their app-specific protection profiles, and then distribute that app's traffic among all members of the server farm.
Answers
C.
You must put the single web server into a server pool in order to use it with HTTP content routing.
C.
You must put the single web server into a server pool in order to use it with HTTP content routing.
Answers
D.
The server policy applies the same protection profile to all its protected web apps.
D.
The server policy applies the same protection profile to all its protected web apps.
Answers
Suggested answer: B

Question 46

Report
Export
Collapse

In Reverse proxy mode, how does FortiWeb handle traffic that does not match any defined policies?

A.
Non-matching traffic is allowed
A.
Non-matching traffic is allowed
Answers
B.
non-Matching traffic is held in buffer
B.
non-Matching traffic is held in buffer
Answers
C.
Non-matching traffic is Denied
C.
Non-matching traffic is Denied
Answers
D.
Non-matching traffic is rerouted to FortiGate
D.
Non-matching traffic is rerouted to FortiGate
Answers
Suggested answer: C

Question 47

Report
Export
Collapse

You've configured an authentication rule with delegation enabled on FortiWeb.

What happens when a user tries to access the web application?

A.
FrotiWeb redirects users to a FortiAuthenticator page, then if the user authenticates successfully, FortiGate signals to FortiWeb to allow access to the web app
A.
FrotiWeb redirects users to a FortiAuthenticator page, then if the user authenticates successfully, FortiGate signals to FortiWeb to allow access to the web app
Answers
B.
ForitWeb redirects the user to the web app's authentication page
B.
ForitWeb redirects the user to the web app's authentication page
Answers
C.
FortiWeb forwards the HTTP challenge from the server to the client, then monitors the reply, allowing access if the user authenticates successfully
C.
FortiWeb forwards the HTTP challenge from the server to the client, then monitors the reply, allowing access if the user authenticates successfully
Answers
D.
FortiWeb replies with a HTTP challenge of behalf of the server, the if the user authenticates successfully, FortiWeb allows the request and also includes credentials in the request that it forwards to the web app
D.
FortiWeb replies with a HTTP challenge of behalf of the server, the if the user authenticates successfully, FortiWeb allows the request and also includes credentials in the request that it forwards to the web app
Answers
Suggested answer: A

Question 48

Report
Export
Collapse

When integrating FortiWeb and FortiAnalyzer, why is the selection for FortiWeb Version critical? (Choose two)

A.
Defines Log file format
A.
Defines Log file format
Answers
B.
Defines communication protocol
B.
Defines communication protocol
Answers
C.
Defines Database Schema
C.
Defines Database Schema
Answers
D.
Defines Log storage location
D.
Defines Log storage location
Answers
Suggested answer: A, D

Question 49

Report
Export
Collapse

An e-commerce web app is used by small businesses. Clients often access it from offices behind a router, where clients are on an IPv4 private network LAN. You need to protect the web application from denial of service attacks that use request floods.

What FortiWeb feature should you configure?

A.
Enable ''Shared IP'' and configure the separate rate limits for requests from NATted source IPs.
A.
Enable ''Shared IP'' and configure the separate rate limits for requests from NATted source IPs.
Answers
B.
Configure FortiWeb to use ''X-Forwarded-For:'' headers to find each client's private network IP, and to block attacks using that.
B.
Configure FortiWeb to use ''X-Forwarded-For:'' headers to find each client's private network IP, and to block attacks using that.
Answers
C.
Enable SYN cookies.
C.
Enable SYN cookies.
Answers
D.
Configure a server policy that matches requests from shared Internet connections.
D.
Configure a server policy that matches requests from shared Internet connections.
Answers
Suggested answer: C

Question 50

Report
Export
Collapse

Under which circumstances does FortiWeb use its own certificates? (Choose Two)

A.
Secondary HTTPS connection to server where FortiWeb acts as a client
A.
Secondary HTTPS connection to server where FortiWeb acts as a client
Answers
B.
HTTPS to clients
B.
HTTPS to clients
Answers
C.
HTTPS access to GUI
C.
HTTPS access to GUI
Answers
D.
HTTPS to FortiGate
D.
HTTPS to FortiGate
Answers
Suggested answer: A, C
Total 56 questions
Go to page: of 6
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms