Weekend Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code = simple70

Home
Fortinet
NSE 6 Network Security Specialist
NSE6_FWB-6.4
Fortinet NSE 6 - FortiWeb 6.4 Questions and Answers

Pass the Fortinet NSE 6 Network Security Specialist NSE6_FWB-6.4 Questions and answers with ExamsMirror

Practice at least 50% of the questions to maximize your chances of passing.

Exam NSE6_FWB-6.4 Premium Access

View all detail and faqs for the NSE6_FWB-6.4 exam

Go to Exam

409 Students Passed

90% Average Score

95% Same Questions

Viewing page 1 out of 2 pages

Viewing questions 1-10 out of questions

Questions # 1:

What key factor must be considered when setting brute force rate limiting and blocking?

Options:

A single client contacting multiple resources

Multiple clients sharing a single Internet connection

Multiple clients from geographically diverse locations

Multiple clients connecting to multiple resources

Answer

Explanation

https://training.fortinet.com/course/view.php?id=3363 What is one key factor that you must consider when setting brute force rate limiting and blocking? Multiple clients sharing a single Internet connection

Questions # 2:

What can an administrator do if a client has been incorrectly period blocked?

Options:

Nothing, it is not possible to override a period block.

Manually release the ID address from the temporary blacklist.

Force a new IP address to the client.

Disconnect the client from the network.

Answer

Explanation

Block Period

Enter the number of seconds that you want to block the requests. The valid range is 1–3,600 seconds. The default value is 60 seconds.

This option only takes effect when you choose Period Block in Action.

Note: That’s a temporary blacklist so you can manually release them from the blacklist.

[Reference: https://docs.fortinet.com/document/fortiweb/6.3.1/administration-guide/600188/configuring-bot-detection-profiles, ]

Questions # 3:

Which two statements about the anti-defacement feature on FortiWeb are true? (Choose two.)

Options:

Anti-defacement can redirect users to a backup web server, if it detects a change.

Anti-defacement downloads a copy of your website to RAM, in order to restore a clean image, if it detects defacement.

FortiWeb will only check to see if there are changes on the web server; it will not download the whole file each time.

Anti-defacement does not make a backup copy of your databases.

Answer

C, D

Explanation

Anti-defacement backs up web pages only, not databases.

If it detects any file changes, the FortiWeb appliance will download a new backup revision.

[Reference: https://help.fortinet.com/fweb/551/Content/FortiWeb/fortiweb-admin/anti_defacement.htm, ]

Questions # 4:

Refer to the exhibit.

Question # 4

FortiWeb is configured to block traffic from Japan to your web application server. However, in the logs, the administrator is seeing traffic allowed from one particular IP address which is geo-located in Japan.

What can the administrator do to solve this problem? (Choose two.)

Options:

Manually update the geo-location IP addresses for Japan.

If the IP address is configured as a geo reputation exception, remove it.

Configure the IP address as a blacklisted IP address.

If the IP address is configured as an IP reputation exception, remove it.

Answer

B, C

Questions # 5:

Which regex expression is the correct format for redirecting the URL http://www.example.com?

Options:

www\.example\.com

www.example.com

www\example\com

www/.example/.com

Answer

Explanation

\1://www.company.com/\2/\3

[Reference: https://learn.akamai.com/en-us/webhelp/edge-redirector/edge-redirector-guide/GUID-0C22DFC2-DCC4-42AF-BDB2-9537FBEE03FD.html, ]

Questions # 6:

When the FortiWeb is configured in Reverse Proxy mode and the FortiGate is configured as an SNAT device, what IP address will the FortiGate’s Real Server configuration point at?

Options:

Virtual Server IP on the FortiGate

Server’s real IP

FortiWeb’s real IP

IP Address of the Virtual Server on the FortiWeb

Answer

Questions # 7:

You are configuring FortiAnalyzer to store logs from FortiWeb.

Which is true?

Options:

FortiAnalyzer will store antivirus and DLP archives from FortiWeb.

You must enable ADOMs on FortiAnalyzer.

To store logs from FortiWeb 6.4, on FortiAnalyzer, you must select “FrotiWeb 6.1”.

FortiWeb will query FortiAnalyzer for reports, instead of generating them locally.

Answer

Questions # 8:

When viewing the attack logs on FortiWeb, which client IP address is shown when you are using XFF header rules?

Options:

FortiGate public IP

FortiWeb IP

FortiGate local IP

Client real IP

Answer

Explanation

When an XFF header reaches Alteon from a client, Alteon removes all the content from the header and injects the client IP address. Alteon then forwards the header to the server.

[Reference: https://support.radware.com/app/answers/answer_view/a_id/20925/~/modifying-the-client-ip-address-in-the-xff-header-using-httpmod, ]

Questions # 9:

Refer to the exhibit.

Question # 9

Many legitimate users are being identified as bots. FortiWeb bot detection has been configured with the settings shown in the exhibit. The FortiWeb administrator has already verified that the current model is accurate.

What can the administrator do to fix this problem, making sure that real bots are not allowed through FortiWeb?

Options:

Change Model Type to Strict

Change Action under Action Settings to Alert

Disable Dynamically Update Model

Enable Bot Confirmation

Answer

Explanation

Bot Confirmation

If the number of anomalies from a user has reached the Anomaly Count, the system executes Bot Confirmation before taking actions.

The Bot Confirmation is to confirm if the user is indeed a bot. The system sends RBE (Real Browser Enforcement) JavaScript or CAPTCHA to the client to double check if it's a real bot.

[Reference: https://docs.fortinet.com/document/fortiweb/6.3.1/administration-guide/600188/configuring-bot-detection-profiles, ]

Questions # 10:

What is one of the key benefits of the FortiGuard IP reputation feature?

Options:

It maintains a list of private IP addresses.

It provides a document of IP addresses that are suspect, so that administrators can manually update their blacklists.

It is updated once per year.

It maintains a list of public IPs with a bad reputation for participating in attacks.

Answer

Explanation

FortiGuard IP Reputation service assigns a poor reputation, including virus-infected clients and malicious spiders/crawlers.

[Reference: https://docs.fortinet.com/document/fortiweb/6.1.1/administration-guide/137271/blacklisting-whitelisting-clients, ]

Viewing page 1 out of 2 pages

Viewing questions 1-10 out of questions

Modal title

Registered Required

In order to participate in the comments you need to be logged-in.
You can sign-up or login (it's free).

TOP CODES

Top selling exam codes in the certification world, popular, in demand and updated to help you pass on the first try.

2V0-11.25

ADM-201

Agentforce-Specialist

CMMC-CCP

Data-Cloud-Consultant

PCNSE

PDI

PSE-Strata-Pro-24

Secure-Software-Design

Sharing-and-Visibility-Architect

Workday-Pro-Integrations

ZDTA