Fortinet NSE6_FWB-6.4 Exam Practice Test Instant Access

Question 1

Under what circumstances would you want to use the temporary uncompress feature of FortiWeb?

AIn the case of compression being done on the FortiWeb, to inspect the content of the compressed file

BIn the case of the file being a .MP3 music file

CIn the case of compression being done on the web server, to inspect the content of the compressed file.

DIn the case of the file being an .MP4 video

Answer : C

Question 2

You are configuring FortiAnalyzer to store logs from FortiWeb.

Which is true?

AFortiAnalyzer will store antivirus and DLP archives from FortiWeb.

BYou must enable ADOMs on FortiAnalyzer.

CTo store logs from FortiWeb 6.4, on FortiAnalyzer, you must select ''FrotiWeb 6.1''.

DFortiWeb will query FortiAnalyzer for reports, instead of generating them locally.

Answer : B

Question 3

Which of the following would be a reason for implementing rewrites?

APage has been moved to a new URL

BPage has been moved to a new IP address

CReplace vulnerable functions.

DSend connection to secure channel

Answer : C

Question 4

When integrating FortiWeb and FortiAnalyzer, why is the selection for FortiWeb Version critical? (Choose two)

ADefines Log file format

BDefines communication protocol

CDefines Database Schema

DDefines Log storage location

Answer : A, D

Question 5

An e-commerce web app is used by small businesses. Clients often access it from offices behind a router, where clients are on an IPv4 private network LAN. You need to protect the web application from denial of service attacks that use request floods.

What FortiWeb feature should you configure?

AEnable ''Shared IP'' and configure the separate rate limits for requests from NATted source IPs.

BConfigure FortiWeb to use ''X-Forwarded-For:'' headers to find each client's private network IP, and to block attacks using that.

CEnable SYN cookies.

DConfigure a server policy that matches requests from shared Internet connections.

Answer : C

Question 6

You are deploying FortiWeb 6.4 in an Amazon Web Services cloud. Which 2 lines of this initial setup via CLI are incorrect? (Choose two.)

Answer : A, C

Question 7

You've configured an authentication rule with delegation enabled on FortiWeb.

What happens when a user tries to access the web application?

AFrotiWeb redirects users to a FortiAuthenticator page, then if the user authenticates successfully, FortiGate signals to FortiWeb to allow access to the web app

BForitWeb redirects the user to the web app's authentication page

CFortiWeb forwards the HTTP challenge from the server to the client, then monitors the reply, allowing access if the user authenticates successfully

DFortiWeb replies with a HTTP challenge of behalf of the server, the if the user authenticates successfully, FortiWeb allows the request and also includes credentials in the request that it forwards to the web app

Answer : A

Fortinet NSE 6 - FortiWeb 6.4 NSE6_FWB-6.4 Exam Practice Test