NSE6_FWB-6.1 Online Practice Questions and Answers

What can an administrator do if a client has been incorrectly Period Blocked?

A. Disconnect the client from the network

B. Manually release the IP from the temporary Blacklist

C. Nothing, it is not possible to override a Period Block

D. Force a new IP address to the client.

When viewing the attack logs on your FortiWeb, which IP Address is shown for the client when using XFF Header rules?

A. FortiGate's public IP

B. FortiGate's local IP

C. FortiWeb's IP

D. Client's real IP

Which of the following is true about Local User Accounts?

A. Must be assigned regardless of any other authentication

B. Can be used for Single Sign On

C. Can be used for site publishing

D. Best suited for large environments with many users

What other consideration must you take into account when configuring Defacement protection A. Use FortiWeb to block SQL Injections and keep regular backups of the Database

B. Also incorporate a FortiADC into your network

C. None. FortiWeb completely secures the site against defacement attacks

D. Configure the FortiGate to perform Anti-Defacement as well

What is one of the key benefits of the FortiGuard IP Reputation feature?

A. FortiGuard maintains a list of public IPs with a bad reputation for participating in attacks.

B. It is updated once per year

C. Provides a Document of IP addresses that are suspect, so that administrators can manually update their blacklists

D. It maintains a list of private IP addresses

How does offloading compression to FortiWeb benefit your network?

A. free up resources on the database server

B. Free up resources on the web server

C. reduces file size on the client's storage

D. free up resources on the FortiGate

How does your FortiWeb configuration differ if the FortiWeb is upstream of the SNAT device instead of downstream of the SNAT device?

A. You must enable the "Use" X-Forwarded-For: option.

B. FortiWeb must be set for Transparent Mode

C. No special configuration required

D. You must enable "Add" X-Forwarded-For: instead of the "Use" X-Forwarded-For: option.

In Reverse proxy mode, how does FortiWeb handle traffic that does not match any defined policies?

A. Non-matching traffic is allowed

B. non-Matching traffic is held in buffer

C. Non-matching traffic is Denied

D. Non-matching traffic is rerouted to FortiGate

When integrating FortiWeb and FortiAnalyzer, why is the selection for FortiWeb Version critical? (Choose two)

A. Defines Log file format

B. Defines communication protocol

C. Defines Database Schema

D. Defines Log storage location

What role does FortiWeb play in ensuring PCI DSS compliance?

A. PCI specifically requires a WAF

B. Provides credit card processing capabilities

C. Provide ability to securely process cash transactions

D. Provides load balancing between multiple web servers

Which operation mode does not require additional configuration in order to allow FTP traffic to your web server?

A. Offline Protection

B. Transparent Inspection

C. True Transparent Proxy

D. Reverse-Proxy

Which implementation is best suited for a deployment that must meet compliance criteria?

A. SSL Inspection with FortiWeb in Transparency mode

B. SSL Offloading with FortiWeb in reverse proxy mode

C. SSL Inspection with FrotiWeb in Reverse Proxy mode

D. SSL Offloading with FortiWeb in Transparency Mode

What capability can FortiWeb add to your Web App that your Web App may or may not already have?

A. Automatic backup and recovery

B. High Availability

C. HTTP/HTML Form Authentication

D. SSL Inspection

Under which circumstances does FortiWeb use its own certificates? (Choose Two)

A. Secondary HTTPS connection to server where FortiWeb acts as a client

B. HTTPS to clients

C. HTTPS access to GUI

D. HTTPS to FortiGate

What benefit does Auto Learning provide?

A. Automatically identifies and blocks suspicious IPs

B. FortiWeb scans all traffic without taking action and makes recommendations on rules

C. Automatically builds rules sets

D. Automatically blocks all detected threats