How does an ADOM differ from a VDOM?
A. ADOMs do not have virtual networking
B. ADOMs improve performance by offloading some functions.
C. ADOMs only affect specific functions, and do not provide full separation like VDOMs do.
D. Allows you to have 1 administrator for multiple tenants
You are configuring FortiAnalyzer to store logs from FortiWeb. Which is true?
A. FortiAnalyzer will store antivirus and DLP archives from FortiWeb.
B. You must enable ADOMs on FortiAnalyzer.
C. To store logs from FortiWeb 6.0, on FortiAnalyzer, you must select "FortiWeb 5.4".
D. FortiWeb will query FortiAnalyzer for reports, instead of generating them locally.
Which of the following would be a reason for implementing rewrites?
A. Page has been moved to a new URL
B. Page has been moved to a new IP address
C. Replace vulnerable functions.
D. Send connection to secure channel
A client is trying to start a session from a page that should normally be accessible only after they have logged in.
When a start page rule detects the invalid session access, what can FortiWeb do? (Choose three.)
A. Reply with a "403 Forbidden" HTTP error
B. Allow the page access, but log the violation
C. Automatically redirect the client to the login page
D. Display an access policy message, then allow the client to continue, redirecting them to their requested page
E. Prompt the client to authenticate
When viewing the attack logs on your FortiWeb, which IP Address is shown for the client when using XFF Header rules?
A. FortiGate's public IP
B. FortiGate's local IP
C. FortiWeb's IP
D. Client's real IP
Which of the following is true about Local User Accounts?
A. Must be assigned regardless of any other authentication
B. Can be used for Single Sign On
C. Can be used for site publishing
D. Best suited for large environments with many users
In which operation mode(s) can FortiWeb modify HTTP packets? (Choose two.)
A. Transparent Inspection
B. Offline protection
C. True transparent proxy
D. Reverse proxy
What other consideration must you take into account when configuring Defacement protection?
A. Use FortiWeb to block SQL Injections and keep regular backups of the Database
B. Also incorporate a FortiADC into your network
C. None. FortiWeb completely secures the site against defacement attacks
D. Configure the FortiGate to perform Anti-Defacement as well
What is one of the key benefits of the FortiGuard IP Reputation feature?
A. FortiGuard maintains a list of public IPs with a bad reputation for participating in attacks.
B. It is updated once per year
C. Provides a Document of IP addresses that are suspect, so that administrators can manually update their blacklists
D. It maintains a list of private IP addresses
When the FortiWeb is configured in Reverse Proxy mode and the FortiGate is configured as an SNAT device, what IP address will the FortiGate's Real Server configuration point at?
A. Virtual Server IP on the FortiGate
B. Server's real IP
C. FortiWeb's real IP
D. IP Address of the Virtual Server on the FortiWeb
You've configured an authentication rule with delegation enabled on FortiWeb. What happens when a user tries to access the web application?
A. FortiWeb redirects users to a FortiAuthenticator page, then if the user authenticates successfully, FortiGate signals to FortiWeb to allow access to the web app
B. FortiWeb redirects the user to the web app's authentication page
C. FortiWeb forwards the HTTP challenge from the server to the client, then monitors the reply, allowing access if the user authenticates successfully
D. FortiWeb replies with an HTTP challenge on behalf of the server, then if the user authenticates successfully, FortiWeb allows the request and also includes credentials in the request that it forwards to the web app
Which operation mode does not require additional configuration in order to allow FTP traffic to your web server?
A. Offline Protection
B. Transparent Inspection
C. True Transparent Proxy
D. Reverse-Proxy
Which implementation is best suited for a deployment that must meet compliance criteria?
A. SSL Inspection with FortiWeb in Transparency mode
B. SSL Offloading with FortiWeb in reverse proxy mode
C. SSL Inspection with FortiWeb in Reverse Proxy mode
D. SSL Offloading with FortiWeb in Transparency Mode
Reverse-proxy mode is best suited for use in which type of environment?
A. New networks where infrastructure is not yet defined
B. Environments where you cannot change your IP addressing scheme
C. Flexible environments where you can easily change the IP addressing scheme
D. Small Office/Home Office environments
What benefit does Auto Learning provide?
A. Automatically identifies and blocks suspicious IPs
B. FortiWeb scans all traffic without taking action and makes recommendations on rules
C. Automatically builds rules sets
D. Automatically blocks all detected threats