• Home
  • Articles
  • NSE6_FWB-6.4 Questions - Truly Beneficial For Your Fortinet Exam (Updated 58 Questions) [Q19-Q37]

NSE6_FWB-6.4 Questions - Truly Beneficial For Your Fortinet Exam (Updated 58 Questions) [Q19-Q37]

Share

NSE6_FWB-6.4 Questions - Truly Beneficial For Your Fortinet Exam (Updated 58 Questions)

View All NSE6_FWB-6.4 Actual Exam Questions, Answers and Explanations for Free

NEW QUESTION # 19
In which operation mode(s) can FortiWeb modify HTTP packets? (Choose two.)

  • A. Reverse proxy
  • B. True transparent proxy
  • C. Transparent Inspection
  • D. Offline protection

Answer: A,B


NEW QUESTION # 20
Refer to the exhibit.

Based on the configuration, what would happen if this FortiWeb were to lose power? (Choose two.)

  • A. Traffic will pass between port5 and port6 uninspected.
  • B. Traffic will be interrupted between port3 and port4.
  • C. All traffic will be interrupted.
  • D. Traffic that passes between port5 and port6 will be inspected.

Answer: A,B


NEW QUESTION # 21
What is one of the key benefits of the FortiGuard IP reputation feature?

  • A. It maintains a list of public IPs with a bad reputation for participating in attacks.
  • B. It maintains a list of private IP addresses.
  • C. It provides a document of IP addresses that are suspect, so that administrators can manually update their blacklists.
  • D. It is updated once per year.

Answer: A

Explanation:
Explanation
FortiGuard IP Reputation service assigns a poor reputation, including virus-infected clients and malicious spiders/crawlers.


NEW QUESTION # 22
Which statement about local user accounts is true?

  • A. They must be assigned, regardless of any other authentication.
  • B. They are best suited for large environments with many users.
  • C. They cannot be used for site publishing.
  • D. They can be used for SSO.

Answer: C


NEW QUESTION # 23
Which of the following would be a reason for implementing rewrites?

  • A. Page has been moved to a new URL
  • B. Replace vulnerable functions.
  • C. Send connection to secure channel
  • D. Page has been moved to a new IP address

Answer: B


NEW QUESTION # 24
Which implementation is best suited for a deployment that must meet compliance criteria?

  • A. SSL Offloading with FortiWeb in reverse proxy mode
  • B. SSL Inspection with FortiWeb in Transparency mode
  • C. SSL Inspection with FrotiWeb in Reverse Proxy mode
  • D. SSL Offloading with FortiWeb in Transparency Mode

Answer: C


NEW QUESTION # 25
You are configuring FortiAnalyzer to store logs from FortiWeb.
Which is true?

  • A. To store logs from FortiWeb 6.4, on FortiAnalyzer, you must select "FrotiWeb 6.1".
  • B. FortiWeb will query FortiAnalyzer for reports, instead of generating them locally.
  • C. You must enable ADOMs on FortiAnalyzer.
  • D. FortiAnalyzer will store antivirus and DLP archives from FortiWeb.

Answer: C


NEW QUESTION # 26
How does FortiWeb protect against defacement attacks?

  • A. It keeps full copies of all files and directories.
  • B. It keeps a live duplicate of the database.
  • C. It keeps hashes of files and periodically compares them to the server.
  • D. It keeps a complete backup of all files and the database.

Answer: C

Explanation:
Explanation
The anti-defacement feature examines a web site's files for changes at specified time intervals. If it detects a change that could indicate a defacement attack, the FortiWeb appliance can notify you and quickly react by automatically restoring the web site contents to the previous backup.


NEW QUESTION # 27
Under which circumstances does FortiWeb use its own certificates? (Choose Two)

  • A. Secondary HTTPS connection to server where FortiWeb acts as a client
  • B. HTTPS access to GUI
  • C. HTTPS to FortiGate
  • D. HTTPS to clients

Answer: A,B


NEW QUESTION # 28
Which is true about HTTPS on FortiWeb? (Choose three.)

  • A. Enabling RC4 protects against the BEAST attack, but is not recommended if you configure FortiWeb to only offer TLS 1.2.
  • B. After enabling HSTS, redirects to HTTPS are no longer necessary.
  • C. For SNI, you select the certificate that FortiWeb will present in the server pool, not in the server policy.
  • D. In transparent inspection mode, you select which certificate that FortiWeb will present in the server pool, not in the server policy.
  • E. In true transparent mode, the TLS session terminator is a protected web server.

Answer: C,D,E


NEW QUESTION # 29
In which two operating modes can FortiWeb modify HTTP packets? (Choose two.)

  • A. Reverse proxy
  • B. True transparent proxy
  • C. Offline protection
  • D. Transparent inspection

Answer: A,B


NEW QUESTION # 30
When viewing the attack logs on FortiWeb, which client IP address is shown when you are using XFF header rules?

  • A. FortiGate local IP
  • B. FortiGate public IP
  • C. FortiWeb IP
  • D. Client real IP

Answer: D

Explanation:
Explanation
When an XFF header reaches Alteon from a client, Alteon removes all the content from the header and injects the client IP address. Alteon then forwards the header to the server.


NEW QUESTION # 31
Which two statements about the anti-defacement feature on FortiWeb are true? (Choose two.)

  • A. FortiWeb will only check to see if there are changes on the web server; it will not download the whole file each time.
  • B. Anti-defacement does not make a backup copy of your databases.
  • C. Anti-defacement can redirect users to a backup web server, if it detects a change.
  • D. Anti-defacement downloads a copy of your website to RAM, in order to restore a clean image, if it detects defacement.

Answer: A,B

Explanation:
Explanation
Anti-defacement backs up web pages only, not databases.
If it detects any file changes, the FortiWeb appliance will download a new backup revision.


NEW QUESTION # 32
What other consideration must you take into account when configuring Defacement protection

  • A. Also incorporate a FortiADC into your network
  • B. Use FortiWeb to block SQL Injections and keep regular backups of the Database
  • C. Configure the FortiGate to perform Anti-Defacement as well
  • D. None. FortiWeb completely secures the site against defacement attacks

Answer: B


NEW QUESTION # 33
What can an administrator do if a client has been incorrectly period blocked?

  • A. Force a new IP address to the client.
  • B. Manually release the ID address from the temporary blacklist.
  • C. Nothing, it is not possible to override a period block.
  • D. Disconnect the client from the network.

Answer: B

Explanation:
Explanation
Block Period
Enter the number of seconds that you want to block the requests. The valid range is 1-3,600 seconds. The default value is 60 seconds.
This option only takes effect when you choose Period Block in Action.
Note: That's a temporary blacklist so you can manually release them from the blacklist.


NEW QUESTION # 34
Review the following configuration:

What is the expected result of this configuration setting?

  • A. When machine learning (ML) is in its running phase, FortiWeb will accept an unlimited number of samples from the same source IP address.
  • B. When machine learning (ML) is in its collecting phase, FortiWeb will not accept any samples from any source IP addresses.
  • C. When machine learning (ML) is in its collecting phase, FortiWeb will accept an unlimited number of samples from the same source IP address.
  • D. When machine learning (ML) is in its running phase, FortiWeb will accept a set number of samples from the same source IP address.

Answer: C


NEW QUESTION # 35
Which three statements about HTTPS on FortiWeb are true? (Choose three.)

  • A. After enabling HSTS, redirects to HTTPS are no longer necessary.
  • B. In transparent inspection mode, you select which certificate that FortiWeb will present in the server pool, not in the server policy.
  • C. In true transparent mode, the TLS session terminator is a protected web server.
  • D. Enabling RC4 protects against the BEAST attack, but is not recommended if you configure FortiWeb to only offer TLS 1.2.
  • E. For SNI, you select the certificate that FortiWeb will present in the server pool, not in the server policy.

Answer: B,C,D


NEW QUESTION # 36
Refer to the exhibit.

There is only one administrator account configured on FortiWeb. What must an administrator do to restrict any brute force attacks that attempt to gain access to the FortiWeb management GUI?

  • A. Configure IPv4 Trusted Host # 3 with a specific IP address.
  • B. The configuration changes must be made on the upstream device.
  • C. Delete the built-in administrator user and create a new one.
  • D. Change the Access Profile to Read_Only.

Answer: A


NEW QUESTION # 37
......

NSE6_FWB-6.4 dumps Free Test Engine Verified By It Certified Experts: https://pass4sure.testpdf.com/NSE6_FWB-6.4-practice-test.html

Related Articles

more
Fortinet NSE6_FWB-6.4 Certification Practice Exam