Fortinet NSE6_FAD-6.2 Exam Practice Test Instant Access

Question 1

Which load balancing method requires the use of an SNMP health check?

ADestination IP hash

BRound robin

CDynamic load

DLeast connection

Answer : C

Question 2

Refer to the exhibit.

The exhibit shows the first few lines of three scripts, and a virtual server configuration leveraging these scripts.

Based on the way FortiADC prioritizes script execution, in what order will the scripts execute?

ACOOKIE_COMMANDS, GENERAL_REDIRECT, GEOIP_UTILITY

BCOOKIE_COMMANDS< GEOIP_UTILITY, GENERAL_REDIRECT

CGEOIP_UTILITY, GENERAL_ REDIRECT, COOKIE_COMMAND

Answer : A

Question 3

Which two FortiADC features can you um to harden the device and server security? (Choose two.)

AConnection limits

BWeb filtering

CAntivirus scanning

DFortiGuard IP reputation

Answer : A, D

Question 4

Refer to the exhibit.

FortiADC is applying SNAT to all inbound traffic going to the servers. When an attack occurs, FortiWeb blocks traffic based on the 192.0.2.1 source IP address, which belongs to FortiADC. The setup is breaking all connectivity and genuine clients are not able to access the servers.

What must the administrator do to avoid this problem? (Choose two.)

AEnable the Use X-Forwarded-For setting on FortiWeb.

BNo Special configuration is required; connectivity will be re-established after the set timeout.

CPlace FortiWeb in front of FortiADC.

DEnable the Add X-Forwarded-For setting on FortiWeb.

Answer : A, C

Question 5

A FortiADC administrator wants to offload SSL encryption and decryption of web traffic to lessen overhead on the real servers, while maintaining SSL encryption with the client.

Which must be true to allow FortiADC to provide this capability?

AThe real server pool must be configured for SSL

BThe virtual server must be configured to perform content routing

CThe real server certificate and private key must be installed on FortiADC

DThe virtual server must use a TCPS application profile

Answer : C

Question 6

Which two actions can FortiADC take with the GeoIP block list when receiving requests from a blocked country's address space? (Choose two.)

ADeny access

BRedirect the request

CApply an HTTP protocol constraint

DSend a 404 Not Found message

Answer : A, B

Question 7

An administrator has been assigned the task of protecting their company application delivery servers from OWASP top- 10 threats.

How must they configure FortiADC to provide this capability?

AConfigure advanced health checks

BConfigure Layer 7 custom rates

CConfigure the advanced WAF

DConfigure IPv4 firewall policies

Answer : C

Fortinet NSE 6 - FortiADC 6.2 NSE6_FAD-6.2 Exam Practice Test