Fortinet NSE6_FWB-6.4 Exam Practice Test Instant Access

Question 1

What key factor must be considered when setting brute force rate limiting and blocking?

AA single client contacting multiple resources

BMultiple clients sharing a single Internet connection

CMultiple clients from geographically diverse locations

DMultiple clients connecting to multiple resources

Answer : B

https://training.fortinet.com/course/view.php?id=3363 What is one key factor that you must consider when setting brute force rate limiting and blocking? Multiple clients sharing a single Internet connection

Question 2

The FortiWeb machine learning (ML) feature is a two-phase analysis mechanism.

Which two functions does the first layer perform? (Choose two.)

ADetermines whether an anomaly is a real attack or just a benign anomaly that should be ignored

BBuilds a threat model behind every parameter and HTTP method

CDetermines if a detected threat is a false-positive or not

DDetermines whether traffic is an anomaly, based on observed application traffic over time

Answer : B, D

The first layer uses the Hidden Markov Model (HMM) and monitors access to the application and collects data to build a mathematical model behind every parameter and HTTP method.

Question 3

How does your FortiWeb configuration differ if the FortiWeb is upstream of the SNAT device instead of downstream of the SNAT device?

AYou must enable the ''Use'' X-Forwarded-For: option.

BFortiWeb must be set for Transparent Mode

CNo special configuration required

DYou must enable ''Add'' X-Forwarded-For: instead of the ''Use'' X-Forwarded-For: option.

Answer : D

Question 4

Which is true about HTTPS on FortiWeb? (Choose three.)

AFor SNI, you select the certificate that FortiWeb will present in the server pool, not in the server policy.

BAfter enabling HSTS, redirects to HTTPS are no longer necessary.

CIn true transparent mode, the TLS session terminator is a protected web server.

DEnabling RC4 protects against the BEAST attack, but is not recommended if you configure FortiWeb to only offer TLS 1.2.

EIn transparent inspection mode, you select which certificate that FortiWeb will present in the server pool, not in the server policy.

Answer : A, C, E

Question 5

You are using HTTP content routing on FortiWeb. Requests for web app A should be forwarded to a cluster of web servers which all host the same web app. Requests for web app B should be forwarded to a different, single web server.

Which is true about the solution?

AStatic or policy-based routes are not required.

BTo achieve HTTP content routing, you must chain policies: the first policy accepts all traffic, and forwards requests for web app A to the virtual server for policy A. It also forwards requests for web app B to the virtual server for policy B. Policy A and Policy B apply their app-specific protection profiles, and then distribute that app's traffic among all members of the server farm.

CYou must put the single web server into a server pool in order to use it with HTTP content routing.

DThe server policy applies the same protection profile to all its protected web apps.

Answer : B

Question 6

Which three statements about HTTPS on FortiWeb are true? (Choose three.)

AFor SNI, you select the certificate that FortiWeb will present in the server pool, not in the server policy.

BAfter enabling HSTS, redirects to HTTPS are no longer necessary.

CIn true transparent mode, the TLS session terminator is a protected web server.

DEnabling RC4 protects against the BEAST attack, but is not recommended if you configure FortiWeb to only offer TLS 1.2.

EIn transparent inspection mode, you select which certificate that FortiWeb will present in the server pool, not in the server policy.

Answer : C, D, E

Question 7

When viewing the attack logs on FortiWeb, which client IP address is shown when you are using XFF header rules?

AFortiGate public IP

BFortiWeb IP

CFortiGate local IP

DClient real IP

Answer : D

When an XFF header reaches Alteon from a client, Alteon removes all the content from the header and injects the client IP address. Alteon then forwards the header to the server.

Fortinet NSE 6 - FortiWeb 6.4 NSE6_FWB-6.4 Exam Practice Test