NSE6_FWB-6.0 Real Questions To Pass Fortinet NSE 6 – FortiWeb 6.0 – PassQuestion Free Questions To Test Online

1. What can an administrator do if a client has been incorrectly Period Blocked?

Disconnect the client from the network

Manually release the IP from the temporary Blacklist

Nothing, it is not possible to override a Period Block

Force a new IP address to the client

2. When generating a protection configuration from an auto learning report what critical step must you do before generating the final protection configuration?

Restart the FortiWeb to clear the caches

Drill down in the report to correct any false positives.

Activate the report to create t profile

Take the FortiWeb offline to apply the profile

3. How does an ADOM differ from a VDOM?

ADOMs do not have virtual networking

ADOMs improve performance by offloading some functions

ADOMs only affect specific functions, and do not provide full separation like VDOMs do

Allows you to have 1 administrator for multiple tenants

4. You are configuring FortiAnalyzer to store logs from FortiWeb.

Which is true?

FortiAnalyzer will store antivirus and DLP archives from FortiWeb.

You must enable ADOMs on FortiAnalyzer.

To store logs from FortiWeb 6.0, on FortiAnalyzer, you must select “FrotiWeb 5.4”.

FortiWeb will query FortiAnalyzer for reports, instead of generating them locally.

5. Which of the following would be a reason for implementing rewrites?

Page has been moved to a new URL

Page has been moved to a new IP address

Replace vulnerable functions.

Send connection to secure channel

6. A client is trying to start a session from a page that should normally be accessible only after they have logged in.

When a start page rule detects the invalid session access, what can FortiWeb do? (Choose three.)

Reply with a “403 Forbidden” HTTP error

Allow the page access, but log the violation

Automatically redirect the client to the login page

Display an access policy message, then allow the client to continue, redirecting them to their requested page

Prompt the client to authenticate

7. Which is true about HTTPS on FortiWeb? (Choose three.)

For SNI, you select the certificate that FortiWeb will present in the server pool, not in the server policy.

After enabling HSTS, redirects to HTTPS are no longer necessary.

In true transparent mode, the TLS session terminator is a protected web server.

Enabling RC4 protects against the BEAST attack, but is not recommended if you configure FortiWeb to only offer TLS 1.2.

In transparent inspection mode, you select which certificate that FortiWeb will present in the server pool, not in the server policy.

8. When viewing the attack logs on your FortiWeb, which IP Address is shown for the client when using XFF Header rules?

FortiGate’s public IP

FortiGate’s local IP

FortiWeb’s IP

Client’s real IP

9. Which of the following is true about Local User Accounts?

Must be assigned regardless of any other authentication

Can be used for Single Sign On

Can be used for site publishing

Best suited for large environments with many users

10. In which operation mode(s) can FortiWeb modify HTTP packets? (Choose two.)

Transparent Inspection

Offline protection

True transparent proxy

Reverse proxy

NSE6_FWB-6.0 Real Questions To Pass Fortinet NSE 6 – FortiWeb 6.0

NSE6_FWB-6.0 Real Questions To Pass Fortinet NSE 6 – FortiWeb 6.0

Leave a Reply Cancel reply