NSE6_FAD-6.2 Online Practice Questions and Answers

Refer to the exhibit.

FortiADC is applying SNAT to all inbound traffic going to the servers. When an attack occurs, FortiWeb blocks traffic based on the 192.0.2.1 source IP address, which belongs to FortiADC. The setup is breaking all connectivity and genuine clients are not able to access the servers.

What must the administrator do to avoid this problem? (Choose two.)

A. Enable the Use X-Forwarded-For setting on FortiWeb.

B. No Special configuration is required; connectivity will be re-established after the set timeout.

C. Place FortiWeb in front of FortiADC.

D. Enable the Add X-Forwarded-For setting on FortiWeb.

A FortiADC administrator wants to offload SSL encryption and decryption of web traffic to lessen overhead on the real servers, while maintaining SSL encryption with the client.

Which must be true to allow FortiADC to provide this capability?

A. The real server pool must be configured for SSL

B. The virtual server must be configured to perform content routing

C. The real server certificate and private key must be installed on FortiADC

D. The virtual server must use a TCPS application profile

Which three statements about TurboHTTP are true?

A. It does not support content rewriting.

B. It is supported only on Layer 2 and layer 4 virtual servers.

C. It support the use of secured HTTP traffic.

D. It can be used with Layer 7 virtual servers.

E. It reduces network latency and system CPU usage.

In global load balancing, why might an administrator configure the response rate limit in FortiADC?

A. To redirect requests from a blocked county

B. To prevent FortiADG from being used in DNS amplification DoS attacks

C. To protect back-end servers from SYN flood attacks D. To prioritize outgoing traffic by sending it through the link with the lowed response time

An administrator has learned that some of the corporate web servers were exploited using SQL injection attacks. What should the administrator do to verify their web servers are not susceptible to the exploits?

A. Configure WVS

B. Configure a database health check

C. Configure DNSSEC

D. Configure SSLi

Which three types of content can you optimize using a page speed profile? (Choose three.)

A. Streaming

B. Image

C. CSS

D. Video

To which two objects can link policies apply in FortiADC? (Choose two.)

A. Virtual tunnel

B. Virtual server

C. Gateway

D. Link group

Which are two advantages of TCP multiplexing? (Choose two.)

A. it reduces the number of TCP sessions that the server

B. it allows FortiADC to balance a client TCP connection among multiple servers

C. A new client connection does not need to wait for a new FortiADC-to-server connection

D. It reduces the number of TCP sessions that clients need to establish

Which two actions can FortiADC take with the GeoIP block list when receiving requests from a blocked country's address space? (Choose two.)

A. Deny access

B. Redirect the request

C. Apply an HTTP protocol constraint

D. Send a 404 Not Found message

Which load balancing method requires the use of an SNMP health check?

A. Destination IP hash

B. Round robin

C. Dynamic load

D. Least connection