NSE6_FWB-6.4 Online Practice Questions and Answers

Review the following configuration:

What is the expected result of this configuration setting?

A. When machine learning (ML) is in its collecting phase, FortiWeb will accept an unlimited number of samples from the same source IP address.

B. When machine learning (ML) is in its running phase, FortiWeb will accept an unlimited number of samples from the same source IP address.

C. When machine learning (ML) is in its collecting phase, FortiWeb will not accept any samples from any source IP addresses.

D. When machine learning (ML) is in its running phase, FortiWeb will accept a set number of samples from the same source IP address.

Which implementation is best suited for a deployment that must meet compliance criteria?

A. SSL Inspection with FortiWeb in Transparency mode

B. SSL Offloading with FortiWeb in reverse proxy mode

C. SSL Inspection with FrotiWeb in Reverse Proxy mode

D. SSL Offloading with FortiWeb in Transparency Mode

Which would be a reason to implement HTTP rewriting?

A. The original page has moved to a new URL

B. To replace a vulnerable function in the requested URL

C. To send the request to secure channel

D. The original page has moved to a new IP address

You've configured an authentication rule with delegation enabled on FortiWeb. What happens when a user tries to access the web application?

A. FrotiWeb redirects users to a FortiAuthenticator page, then if the user authenticates successfully, FortiGate signals to FortiWeb to allow access to the web app

B. ForitWeb redirects the user to the web app's authentication page

C. FortiWeb forwards the HTTP challenge from the server to the client, then monitors the reply, allowing access if the user authenticates successfully

D. FortiWeb replies with a HTTP challenge of behalf of the server, the if the user authenticates successfully, FortiWeb allows the request and also includes credentials in the request that it forwards to the web app

You are using HTTP content routing on FortiWeb. You want requests for web application A to be forwarded to a cluster of web servers, which all host the same web application. You want requests for web application B to be forwarded to a different, single web server.

Which statement about this solution is true?

A. The server policy applies the same protection profile to all of its protected web applications.

B. You must put the single web server in to a server pool, in order to use it with HTTP content routing.

C. You must chain policies so that requests for web application A go to the virtual server for policy A, and requests for web application B go to the virtual server for policy B.

D. Static or policy-based routes are not required.

What role does FortiWeb play in ensuring PCI DSS compliance?

A. PCI specifically requires a WAF

B. Provides credit card processing capabilities

C. Provide ability to securely process cash transactions

D. Provides load balancing between multiple web servers

What key factor must be considered when setting brute force rate limiting and blocking?

A. A single client contacting multiple resources

B. Multiple clients sharing a single Internet connection

C. Multiple clients from geographically diverse locations

D. Multiple clients connecting to multiple resources

Which operation mode does not require additional configuration in order to allow FTP traffic to your web server?

A. Offline Protection

B. Transparent Inspection

C. True Transparent Proxy

D. Reverse-Proxy

How does your FortiWeb configuration differ if the FortiWeb is upstream of the SNAT device instead of downstream of the SNAT device?

A. You must enable the "Use" X-Forwarded-For: option.

B. FortiWeb must be set for Transparent Mode

C. No special configuration required

D. You must enable "Add" X-Forwarded-For: instead of the "Use" X-Forwarded-For: option.

Under which circumstances does FortiWeb use its own certificates? (Choose Two)

A. Secondary HTTPS connection to server where FortiWeb acts as a client

B. HTTPS to clients

C. HTTPS access to GUI

D. HTTPS to FortiGate