Fortinet NSE6_FWB-6.4 Exam Practice Test Instant Access

Question 1

Refer to the exhibit.

FortiWeb is configured to block traffic from Japan to your web application server. However, in the logs, the administrator is seeing traffic allowed from one particular IP address which is geo-located in Japan.

What can the administrator do to solve this problem? (Choose two.)

AManually update the geo-location IP addresses for Japan.

BIf the IP address is configured as a geo reputation exception, remove it.

CConfigure the IP address as a blacklisted IP address.

DIf the IP address is configured as an IP reputation exception, remove it.

Answer : B, C

Question 2

What must you do with your FortiWeb logs to ensure PCI DSS compliance?

AStore in an off-site location

BErase them every two weeks

CEnable masking of sensitive data

DCompress them into a .zip file format

Answer : C

Question 3

Which is true about HTTPS on FortiWeb? (Choose three.)

AFor SNI, you select the certificate that FortiWeb will present in the server pool, not in the server policy.

BAfter enabling HSTS, redirects to HTTPS are no longer necessary.

CIn true transparent mode, the TLS session terminator is a protected web server.

DEnabling RC4 protects against the BEAST attack, but is not recommended if you configure FortiWeb to only offer TLS 1.2.

EIn transparent inspection mode, you select which certificate that FortiWeb will present in the server pool, not in the server policy.

Answer : A, C, E

Question 4

Which algorithm is used to build mathematical models for bot detection?

AHCM

BSVN

CSVM

DHMM

Answer : C

FortiWeb uses SVM (Support Vector Machine) algorithm to build up the bot detection model

Question 5

What role does FortiWeb play in ensuring PCI DSS compliance?

APCI specifically requires a WAF

BProvides credit card processing capabilities

CProvide ability to securely process cash transactions

DProvides load balancing between multiple web servers

Answer : A

FortiWeb helps you meet all PCI requirements, but PCI now specifically recommends using a WAF, and developing remediations against the top 10 vulnerabilities, according to OWASP.

Question 6

Refer to the exhibit.

There is only one administrator account configured on FortiWeb. What must an administrator do to restrict any brute force attacks that attempt to gain access to the FortiWeb management GUI?

ADelete the built-in administrator user and create a new one.

BConfigure IPv4 Trusted Host # 3 with a specific IP address.

CThe configuration changes must be made on the upstream device.

DChange the Access Profile to Read_Only.

Answer : B

Question 7

Which of the following is true about Local User Accounts?

AMust be assigned regardless of any other authentication

BCan be used for Single Sign On

CCan be used for site publishing

DBest suited for large environments with many users

Answer : C

Fortinet NSE 6 - FortiWeb 6.4 NSE6_FWB-6.4 Exam Practice Test