Question #1
What can an administrator do if a client has been incorrectly Period Blocked?
- A . Disconnect the client from the network
- B . Manually release the IP from the temporary Blacklist
- C . Nothing, it is not possible to override a Period Block
- D . Force a new IP address to the client.
Correct Answer: B
Question #2
When generating a protection configuration from an auto learning report what critical step must you do before generating the final protection configuration?
- A . Restart the FortiWeb to clear the caches
- B . Drill down in the report to correct any false positives.
- C . Activate the report to create t profile
- D . Take the FortiWeb offline to apply the profile
Correct Answer: B
Question #3
How does an ADOM differ from a VDOM?
- A . ADOMs do not have virtual networking
- B . ADOMs improve performance by offloading some functions.
- C . ADOMs only affect specific functions, and do not provide full separation like VDOMs do.
- D . Allows you to have 1 administrator for multiple tenants
Correct Answer: D
Question #4
You are configuring FortiAnalyzer to store logs from FortiWeb.
Which is true?
- A . FortiAnalyzer will store antivirus and DLP archives from FortiWeb.
- B . You must enable ADOMs on FortiAnalyzer.
- C . To store logs from FortiWeb 6.0, on FortiAnalyzer, you must select “FrotiWeb 5.4”.
- D . FortiWeb will query FortiAnalyzer for reports, instead of generating them locally.
Correct Answer: B
Question #5
Which of the following would be a reason for implementing rewrites?
- A . Page has been moved to a new URL
- B . Page has been moved to a new IP address
- C . Replace vulnerable functions.
- D . Send connection to secure channel
Correct Answer: A
Question #6
A client is trying to start a session from a page that should normally be accessible only after they have logged in.
When a start page rule detects the invalid session access, what can FortiWeb do? (Choose three.)
- A . Reply with a “403 Forbidden” HTTP error
- B . Allow the page access, but log the violation
- C . Automatically redirect the client to the login page
- D . Display an access policy message, then allow the client to continue, redirecting them to their requested page
- E . Prompt the client to authenticate
Correct Answer: A,B,C