Fortinet NSE6_FWB-6.4 Fortinet NSE 6 – FortiWeb 6.4 Online Training
Fortinet NSE6_FWB-6.4 Online Training
The questions for NSE6_FWB-6.4 were last updated at Nov 22,2024.
- Exam Code: NSE6_FWB-6.4
- Exam Name: Fortinet NSE 6 - FortiWeb 6.4
- Certification Provider: Fortinet
- Latest update: Nov 22,2024
Question #11
What can an administrator do if a client has been incorrectly period blocked?
- A . Nothing, it is not possible to override a period block.
- B . Manually release the ID address from the temporary blacklist.
- C . Force a new IP address to the client.
- D . Disconnect the client from the network.
Correct Answer: B
B
Explanation:
Block Period
Enter the number of seconds that you want to block the requests. The valid range is 1C3,600 seconds. The default value is 60 seconds.
This option only takes effect when you choose Period Block in Action.
Note: That’s a temporary blacklist so you can manually release them from the blacklist.
Reference: https://docs.fortinet.com/document/fortiweb/6.3.1/administration-guide/600188/configuring-bot-detection-profiles
B
Explanation:
Block Period
Enter the number of seconds that you want to block the requests. The valid range is 1C3,600 seconds. The default value is 60 seconds.
This option only takes effect when you choose Period Block in Action.
Note: That’s a temporary blacklist so you can manually release them from the blacklist.
Reference: https://docs.fortinet.com/document/fortiweb/6.3.1/administration-guide/600188/configuring-bot-detection-profiles
Question #12
Which regex expression is the correct format for redirecting the URL http://www.example.com?
- A . www.example.com
- B . www.example.com
- C . wwwexamplecom
- D . www/.example/.com
Correct Answer: B
B
Explanation:
Reference: https://learn.akamai.com/en-us/webhelp/edge-redirector/edge-redirector-guide/GUID-0C22DFC2-DCC4-42AF-BDB2-9537FBEE03FD.html
B
Explanation:
Reference: https://learn.akamai.com/en-us/webhelp/edge-redirector/edge-redirector-guide/GUID-0C22DFC2-DCC4-42AF-BDB2-9537FBEE03FD.html
Question #13
When FortiWeb triggers a redirect action, which two HTTP codes does it send to the client to inform the browser of the new URL? (Choose two.)
- A . 403
- B . 302
- C . 301
- D . 404
Correct Answer: B, C
B, C
Explanation:
Reference: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/302
B, C
Explanation:
Reference: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/302
Question #14
True transparent proxy mode is best suited for use in which type of environment?
- A . New networks where infrastructure is not yet defined
- B . Flexible environments where you can easily change the IP addressing scheme
- C . Small office to home office environments
- D . Environments where you cannot change the IP addressing scheme
Correct Answer: B
B
Explanation:
"Because blocking is not guaranteed to succeed in offline mode, this mode is best used during the evaluation and planning phase, early in implementation. Reverse proxy is the most popular operating mode. It can rewrite URLs, offload TLS, load balance, and apply NAT. For very large MSSP, true transparent mode has a significant advantage. You can drop it in without changing any schemes of limited IPv4 spaceCin transparent mode, you don’t need to give IP addresses to the network interfaces on FortiWeb."
B
Explanation:
"Because blocking is not guaranteed to succeed in offline mode, this mode is best used during the evaluation and planning phase, early in implementation. Reverse proxy is the most popular operating mode. It can rewrite URLs, offload TLS, load balance, and apply NAT. For very large MSSP, true transparent mode has a significant advantage. You can drop it in without changing any schemes of limited IPv4 spaceCin transparent mode, you don’t need to give IP addresses to the network interfaces on FortiWeb."
Question #15
Review the following configuration:
What is the expected result of this configuration setting?
- A . When machine learning (ML) is in its collecting phase, FortiWeb will accept an unlimited number of samples from the same source IP address.
- B . When machine learning (ML) is in its running phase, FortiWeb will accept an unlimited number of samples from the same source IP address.
- C . When machine learning (ML) is in its collecting phase, FortiWeb will not accept any samples from any source IP addresses.
- D . When machine learning (ML) is in its running phase, FortiWeb will accept a set number of samples from the same source IP address.
Correct Answer: A
Question #16
Which two statements about the anti-defacement feature on FortiWeb are true? (Choose two.)
- A . Anti-defacement can redirect users to a backup web server, if it detects a change.
- B . Anti-defacement downloads a copy of your website to RAM, in order to restore a clean image, if it detects defacement.
- C . FortiWeb will only check to see if there are changes on the web server; it will not download the whole file each time.
- D . Anti-defacement does not make a backup copy of your databases.
Correct Answer: C, D
C, D
Explanation:
Anti-defacement backs up web pages only, not databases.
If it detects any file changes, the FortiWeb appliance will download a new backup revision.
Reference: https://help.fortinet.com/fweb/551/Content/FortiWeb/fortiweb-admin/anti_defacement.htm
C, D
Explanation:
Anti-defacement backs up web pages only, not databases.
If it detects any file changes, the FortiWeb appliance will download a new backup revision.
Reference: https://help.fortinet.com/fweb/551/Content/FortiWeb/fortiweb-admin/anti_defacement.htm
Question #17
What must you do with your FortiWeb logs to ensure PCI DSS compliance?
- A . Store in an off-site location
- B . Erase them every two weeks
- C . Enable masking of sensitive data
- D . Compress them into a .zip file format
Correct Answer: C
C
Explanation:
Reference: https://docplayer.net/8466775-Fortiweb-web-application-firewall-ensuring-compliance-for-pci-dss-requirement-6-6-solution-guide.html
C
Explanation:
Reference: https://docplayer.net/8466775-Fortiweb-web-application-firewall-ensuring-compliance-for-pci-dss-requirement-6-6-solution-guide.html
Question #18
What role does FortiWeb play in ensuring PCI DSS compliance?
- A . It provides the ability to securely process cash transactions.
- B . It provides the required SQL server protection.
- C . It provides the WAF required by PCI.
- D . It provides credit card processing capabilities.
Correct Answer: C
Question #19
Refer to the exhibit.
There is only one administrator account configured on FortiWeb .
What must an administrator do to restrict any brute force attacks that attempt to gain access to the FortiWeb management GUI?
- A . Delete the built-in administrator user and create a new one.
- B . Configure IPv4 Trusted Host # 3 with a specific IP address.
- C . The configuration changes must be made on the upstream device.
- D . Change the Access Profile to Read_Only.
Correct Answer: B
B
Explanation:
Reference: https://docs.fortinet.com/document/fortiweb/6.1.1/administration-guide/397469/preventing-brute-force-logins
B
Explanation:
Reference: https://docs.fortinet.com/document/fortiweb/6.1.1/administration-guide/397469/preventing-brute-force-logins
Question #20
What key factor must be considered when setting brute force rate limiting and blocking?
- A . A single client contacting multiple resources
- B . Multiple clients sharing a single Internet connection
- C . Multiple clients from geographically diverse locations
- D . Multiple clients connecting to multiple resources
Correct Answer: B
B
Explanation:
https://training.fortinet.com/course/view.php?id=3363 What is one key factor that you must consider when setting brute force rate limiting and blocking? Multiple clients sharing a single Internet connection
B
Explanation:
https://training.fortinet.com/course/view.php?id=3363 What is one key factor that you must consider when setting brute force rate limiting and blocking? Multiple clients sharing a single Internet connection
Latest NSE6_FWB-6.4 Dumps Valid Version with 56 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund
Subscribe
Login
0 Comments
