Fortinet NSE6_FWB-6.4 Exam Practice Test Instant Access

Question 1

What capability can FortiWeb add to your Web App that your Web App may or may not already have?

AAutomatic backup and recovery

BHigh Availability

CHTTP/HTML Form Authentication

DSSL Inspection

Answer : C

Question 2

In which operation mode(s) can FortiWeb modify HTTP packets? (Choose two.)

ATransparent Inspection

BOffline protection

CTrue transparent proxy

DReverse proxy

Answer : C, D

Question 3

Which of the following is true about Local User Accounts?

AMust be assigned regardless of any other authentication

BCan be used for Single Sign On

CCan be used for site publishing

DBest suited for large environments with many users

Answer : C

Question 4

Which is true about HTTPS on FortiWeb? (Choose three.)

AFor SNI, you select the certificate that FortiWeb will present in the server pool, not in the server policy.

BAfter enabling HSTS, redirects to HTTPS are no longer necessary.

CIn true transparent mode, the TLS session terminator is a protected web server.

DEnabling RC4 protects against the BEAST attack, but is not recommended if you configure FortiWeb to only offer TLS 1.2.

EIn transparent inspection mode, you select which certificate that FortiWeb will present in the server pool, not in the server policy.

Answer : A, C, E

Question 5

A client is trying to start a session from a page that should normally be accessible only after they have logged in.

When a start page rule detects the invalid session access, what can FortiWeb do? (Choose three.)

AReply with a ''403 Forbidden'' HTTP error

BAllow the page access, but log the violation

CAutomatically redirect the client to the login page

DDisplay an access policy message, then allow the client to continue, redirecting them to their requested page

EPrompt the client to authenticate

Answer : A, B, C

Question 6

Refer to the exhibit.

Based on the configuration, what would happen if this FortiWeb were to lose power? (Choose two.)

ATraffic that passes between port5 and port6 will be inspected.

BTraffic will be interrupted between port3 and port4.

CAll traffic will be interrupted.

DTraffic will pass between port5 and port6 uninspected.

Answer : B, D

Question 7

Which statement about local user accounts is true?

AThey are best suited for large environments with many users.

BThey cannot be used for site publishing.

CThey must be assigned, regardless of any other authentication.

DThey can be used for SSO.

Answer : B

Fortinet NSE6_FWB-6.4 Fortinet NSE 6 - FortiWeb 6.4 Exam Practice Test