Summer Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: geek65

NSE6_FWB-6.4 Fortinet NSE 6 - FortiWeb 6.4 Questions and Answers

Questions 4

Refer to the exhibit.

FortiADC is applying SNAT to all inbound traffic going to the servers. When an attack occurs, FortiWeb blocks traffic based on the 192.0.2.1 source IP address, which belongs to FortiADC. The setup is breaking all connectivity and genuine clients are not able to access the servers.

What must the administrator do to avoid this problem? (Choose two.)

Options:

A.

Enable the Use X-Forwarded-For setting on FortiWeb.

B.

No Special configuration is required; connectivity will be re-established after the set timeout.

C.

Place FortiWeb in front of FortiADC.

D.

Enable the Add X-Forwarded-For setting on FortiWeb.

Buy Now
Questions 5

Review the following configuration:

What is the expected result of this configuration setting?

Options:

A.

When machine learning (ML) is in its collecting phase, FortiWeb will accept an unlimited number of samples from the same source IP address.

B.

When machine learning (ML) is in its running phase, FortiWeb will accept an unlimited number of samples from the same source IP address.

C.

When machine learning (ML) is in its collecting phase, FortiWeb will not accept any samples from any source IP addresses.

D.

When machine learning (ML) is in its running phase, FortiWeb will accept a set number of samples from the same source IP address.

Buy Now
Questions 6

Which operation mode does not require additional configuration in order to allow FTP traffic to your web server?

Options:

A.

Offline Protection

B.

Transparent Inspection

C.

True Transparent Proxy

D.

Reverse-Proxy

Buy Now
Questions 7

You are using HTTP content routing on FortiWeb. Requests for web app A should be forwarded to a cluster of web servers which all host the same web app. Requests for web app B should be forwarded to a different, single web server.

Which is true about the solution?

Options:

A.

Static or policy-based routes are not required.

B.

To achieve HTTP content routing, you must chain policies: the first policy accepts all traffic, and forwards requests for web app A to the virtual server for policy A. It also forwards requests for web app B to the virtual server for policy B. Policy A and Policy B apply their app-specific protection profiles, and then distribute that app’s traffic among all members of the server farm.

C.

You must put the single web server into a server pool in order to use it with HTTP content routing.

D.

The server policy applies the same protection profile to all its protected web apps.

Buy Now
Questions 8

Which is true about HTTPS on FortiWeb? (Choose three.)

Options:

A.

For SNI, you select the certificate that FortiWeb will present in the server pool, not in the server policy.

B.

After enabling HSTS, redirects to HTTPS are no longer necessary.

C.

In true transparent mode, the TLS session terminator is a protected web server.

D.

Enabling RC4 protects against the BEAST attack, but is not recommended if you configure FortiWeb to only offer TLS 1.2.

E.

In transparent inspection mode, you select which certificate that FortiWeb will present in the server pool, not in the server policy.

Buy Now
Exam Code: NSE6_FWB-6.4
Exam Name: Fortinet NSE 6 - FortiWeb 6.4
Last Update: Jul 23, 2024
Questions: 56
NSE6_FWB-6.4 pdf

NSE6_FWB-6.4 PDF

$28  $80
NSE6_FWB-6.4 Engine

NSE6_FWB-6.4 Testing Engine

$33.25  $95
NSE6_FWB-6.4 PDF + Engine

NSE6_FWB-6.4 PDF + Testing Engine

$45.5  $130