New Fortinet NSE 6 - FortiWeb Exam (FortiWeb 6.4) NSE6_FWB-6.4 Exam Dumps

New Fortinet NSE 6 – FortiWeb Exam (FortiWeb 6.4) NSE6_FWB-6.4 Exam Dumps

Eleanor2022-09-14T03:50:22+00:00

By Eleanor Fortinet, NSE 6 Network Security Specialist NSE6_FWB-6.4, NSE6_FWB-6.4 exam dumps, NSE6_FWB-6.4 free dumps 1 Comment

We introduced the NSE6_FWB-6.4 Fortinet NSE 6 – FortiWeb 6.4 certification exam before, and we are eager to help you prepare for this exam well. New NSE6_FWB-6.4 exam dumps of ITPrepare are available online, which provide you with the latest NSE6_FWB-6.4 dumps questions and answers to ensure that you can achieve success in this exam. With the ITPrepare’s Fortinet NSE6_FWB-6.4 exam dumps, you will get everything that you need to learn, prepare and pass the difficult NSE6_FWB-6.4 Fortinet NSE 6 – FortiWeb 6.4 exam with good scores.

Try to read the Fortinet NSE6_FWB-6.4 exam free dumps before getting the new NSE6_FWB-6.4 exam dumps:

Page 1 of 2

1. FortiWeb offers the same load balancing algorithms as FortiGate.

Which two Layer 7 switch methods does FortiWeb also offer? (Choose two.)

Round robin

HTTP session-based round robin

HTTP user-based round robin

HTTP content routes

2. True transparent proxy mode is best suited for use in which type of environment?

New networks where infrastructure is not yet defined

Flexible environments where you can easily change the IP addressing scheme

Small office to home office environments

Environments where you cannot change the IP addressing scheme

3. Which would be a reason to implement HTTP rewriting?

The original page has moved to a new URL

To replace a vulnerable function in the requested URL

To send the request to secure channel

The original page has moved to a new IP address

4. When FortiWeb triggers a redirect action, which two HTTP codes does it send to the client to inform the browser of the new URL? (Choose two.)

403

302

301

404

5. Which algorithm is used to build mathematical models for bot detection?

HCM

SVN

SVM

HMM

6. Which statement about local user accounts is true?

They are best suited for large environments with many users.

They cannot be used for site publishing.

They must be assigned, regardless of any other authentication.

They can be used for SS

7. Refer to the exhibit.

Based on the configuration, what would happen if this FortiWeb were to lose power? (Choose two.)

Traffic that passes between port5 and port6 will be inspected.

Traffic will be interrupted between port3 and port4.

All traffic will be interrupted.

Traffic will pass between port5 and port6 uninspected.

8. Review the following configuration:

What is the expected result of this configuration setting?

When machine learning (ML) is in its collecting phase, FortiWeb will accept an unlimited number of samples from the same source IP address.

When machine learning (ML) is in its running phase, FortiWeb will accept an unlimited number of samples from the same source IP address.

When machine learning (ML) is in its collecting phase, FortiWeb will not accept any samples from any source IP addresses.

When machine learning (ML) is in its running phase, FortiWeb will accept a set number of samples from the same source IP address.

9. Refer to the exhibit.

FortiWeb is configured to block traffic from Japan to your web application server. However, in the logs, the administrator is seeing traffic allowed from one particular IP address which is geo-located in Japan.

What can the administrator do to solve this problem? (Choose two.)

Manually update the geo-location IP addresses for Japan.

If the IP address is configured as a geo reputation exception, remove it.

Configure the IP address as a blacklisted IP address.

If the IP address is configured as an IP reputation exception, remove it.

10. Refer to the exhibit.

FortiADC is applying SNAT to all inbound traffic going to the servers. When an attack occurs, FortiWeb blocks traffic based on the 192.0.2.1 source IP address, which belongs to FortiADC. The setup is breaking all connectivity and genuine clients are not able to access the servers .

What must the administrator do to avoid this problem? (Choose two.)

Enable the Use X-Forwarded-For setting on FortiWeb.

No Special configuration is required; connectivity will be re-established after the set timeout.

Place FortiWeb in front of FortiAD

Enable the Add X-Forwarded-For setting on FortiWeb.

Page 2 of 2

11. 1.Which two statements about running a vulnerability scan are true? (Choose two.)

You should run the vulnerability scan during a maintenance window.

You should run the vulnerability scan in a test environment.

Vulnerability scanning increases the load on FortiWeb, so it should be avoided.

You should run the vulnerability scan on a live website to get accurate results.

12. Refer to the exhibit.

There is only one administrator account configured on FortiWeb .

What must an administrator do to restrict any brute force attacks that attempt to gain access to the FortiWeb management GUI?

Delete the built-in administrator user and create a new one.

Configure IPv4 Trusted Host # 3 with a specific IP address.

The configuration changes must be made on the upstream device.

Change the Access Profile to Read_Only.

13. Which regex expression is the correct format for redirecting the URL http://www.example.com?

www.example.com

wwwexamplecom

www/.example/.com

14. What can an administrator do if a client has been incorrectly period blocked?

Nothing, it is not possible to override a period block.

Manually release the ID address from the temporary blacklist.

Force a new IP address to the client.

Disconnect the client from the network.

15. A client is trying to start a session from a page that would normally be accessible only after the client has logged in.

When a start page rule detects the invalid session access, what can FortiWeb do? (Choose three.)

Display an access policy message, then allow the client to continue

Redirect the client to the login page

Allow the page access, but log the violation

Prompt the client to authenticate

Reply with a 403 Forbidden HTTP error

16. What must you do with your FortiWeb logs to ensure PCI DSS compliance?

Store in an off-site location

Erase them every two weeks

Enable masking of sensitive data

Compress them into a .zip file format

17. Which two statements about the anti-defacement feature on FortiWeb are true? (Choose two.)

Anti-defacement can redirect users to a backup web server, if it detects a change.

Anti-defacement downloads a copy of your website to RAM, in order to restore a clean image, if it detects defacement.

FortiWeb will only check to see if there are changes on the web server; it will not download the whole file each time.

Anti-defacement does not make a backup copy of your databases.

18. Refer to the exhibit.

Many legitimate users are being identified as bots. FortiWeb bot detection has been configured with the settings shown in the exhibit. The FortiWeb administrator has already verified that the current model is accurate.

What can the administrator do to fix this problem, making sure that real bots are not allowed through FortiWeb?

Change Model Type to Strict

Change Action under Action Settings to Alert

Disable Dynamically Update Model

Enable Bot Confirmation

19. What role does FortiWeb play in ensuring PCI DSS compliance?

It provides the ability to securely process cash transactions.

It provides the required SQL server protection.

It provides the WAF required by PC

It provides credit card processing capabilities.

20. What key factor must be considered when setting brute force rate limiting and blocking?

A single client contacting multiple resources

Multiple clients sharing a single Internet connection

Multiple clients from geographically diverse locations

Multiple clients connecting to multiple resources

New Fortinet NSE 6 – FortiWeb Exam (FortiWeb 6.4) NSE6_FWB-6.4 Exam Dumps