Fortinet NSE6_FWB-6.4 Exam Questions Instant Access

Question 1

What role does FortiWeb play in ensuring PCI DSS compliance?

APCI specifically requires a WAF

BProvides credit card processing capabilities

CProvide ability to securely process cash transactions

DProvides load balancing between multiple web servers

Answer : A

FortiWeb helps you meet all PCI requirements, but PCI now specifically recommends using a WAF, and developing remediations against the top 10 vulnerabilities, according to OWASP.

Question 2

When the FortiWeb is configured in Reverse Proxy mode and the FortiGate is configured as an SNAT device, what IP address will the FortiGate's Real Server configuration point at?

AVirtual Server IP on the FortiGate

BServer's real IP

CFortiWeb's real IP

DIP Address of the Virtual Server on the FortiWeb

Answer : A

Question 3

When FortiWeb triggers a redirect action, which two HTTP codes does it send to the client to inform the browser of the new URL? (Choose two.)

A403

B302

C301

D404

Answer : B, C

Question 4

Which two statements about running a vulnerability scan are true? (Choose two.)

AYou should run the vulnerability scan during a maintenance window.

BYou should run the vulnerability scan in a test environment.

CVulnerability scanning increases the load on FortiWeb, so it should be avoided.

DYou should run the vulnerability scan on a live website to get accurate results.

Answer : A, B

Should the Vulnerability Scanner allow it, SVMS will set the scan schedule (or schedules) to run in a maintenance window. SVMS will advise Client of the scanner's ability to complete the scan(s) within the maintenance window.

Vulnerabilities on live web sites. Instead, duplicate the web site and its database in a test environment.

https://help.fortinet.com/fweb/552/Content/FortiWeb/fortiweb-admin/vulnerability_scans.htm

Question 5

The FortiWeb machine learning (ML) feature is a two-phase analysis mechanism.

Which two functions does the first layer perform? (Choose two.)

ADetermines whether an anomaly is a real attack or just a benign anomaly that should be ignored

BBuilds a threat model behind every parameter and HTTP method

CDetermines if a detected threat is a false-positive or not

DDetermines whether traffic is an anomaly, based on observed application traffic over time

Answer : B, D

The first layer uses the Hidden Markov Model (HMM) and monitors access to the application and collects data to build a mathematical model behind every parameter and HTTP method.

Question 6

What can an administrator do if a client has been incorrectly period blocked?

ANothing, it is not possible to override a period block.

BManually release the ID address from the temporary blacklist.

CForce a new IP address to the client.

DDisconnect the client from the network.

Answer : B

Block Period

Enter the number of seconds that you want to block the requests. The valid range is 1--3,600 seconds. The default value is 60 seconds.

This option only takes effect when you choosePeriod BlockinAction.

Note: That's a temporary blacklist so you can manually release them from the blacklist.

Question 7

You are using HTTP content routing on FortiWeb. You want requests for web application A to be forwarded to a cluster of web servers, which all host the same web application. You want requests for web application B to be forwarded to a different, single web server.

Which statement about this solution is true?

AThe server policy applies the same protection profile to all of its protected web applications.

BYou must put the single web server in to a server pool, in order to use it with HTTP content routing.

CYou must chain policies so that requests for web application A go to the virtual server for policy A, and requests for web application B go to the virtual server for policy B.

DStatic or policy-based routes are not required.

Answer : D

Fortinet NSE 6 - FortiWeb 6.4 NSE6_FWB-6.4 Exam Questions