Fortinet NSE6_FAD-6.2 Exam Practice Test Instant Access

Question 1

Refer to the exhibit.

FortiADC is applying SNAT to all inbound traffic going to the servers. When an attack occurs, FortiWeb blocks traffic based on the 192.0.2.1 source IP address, which belongs to FortiADC. The setup is breaking all connectivity and genuine clients are not able to access the servers.

What must the administrator do to avoid this problem? (Choose two.)

AEnable the Use X-Forwarded-For setting on FortiWeb.

BNo Special configuration is required; connectivity will be re-established after the set timeout.

CPlace FortiWeb in front of FortiADC.

DEnable the Add X-Forwarded-For setting on FortiWeb.

Answer : A, C

Question 2

Which two configuration actions are possible when protecting application delivery servers from clients with IP addresses in the IP reputation database? (Choose two.)

AAutomatically create a WAF profile based on the traffic

BRedirect the traffic to a different URL

CBlock the traffic.

DAnalyze the traffic using WVS rules

Answer : B, C

Question 3

What is the primary function of a virtual server?

AIt balances traffic between real server pools

BIt manages real server resources

CIt processes client connections for application delivery

DIt detects real server vulnerabilities using VWS

Answer : A, C

Question 4

An administrator is managing a web site that uses specialized servers for streaming, in addition to servers that handle HTTP traffic.

To make sure that specialized servers handle the streaming traffic, what FortiADC capacity should they use?

APersistence rules

BContent routing

CDynamic load balancing

DHTTP compression

Answer : B

Question 5

To which two objects can link policies apply in FortiADC? (Choose two.)

AVirtual tunnel

BVirtual server

CGateway

DLink group

Answer : A, D

Question 6

Which three statements about TurboHTTP are true?

AIt does not support content rewriting.

BIt is supported only on Layer 2 and layer 4 virtual servers.

CIt support the use of secured HTTP traffic.

DIt can be used with Layer 7 virtual servers.

EIt reduces network latency and system CPU usage.

Answer : A, D, E

Question 7

A FortiADC administrator wants to offload SSL encryption and decryption of web traffic to lessen overhead on the real servers, while maintaining SSL encryption with the client.

Which must be true to allow FortiADC to provide this capability?

AThe real server pool must be configured for SSL

BThe virtual server must be configured to perform content routing

CThe real server certificate and private key must be installed on FortiADC

DThe virtual server must use a TCPS application profile

Answer : C

Fortinet NSE6_FAD-6.2 Fortinet NSE 6 - FortiADC 6.2 Exam Practice Test