• Home
  • Articles
  • Get Dec-2023 updated NSE6_FWB-6.4 Certification Exam Sample Questions [Q15-Q39]

Get Dec-2023 updated NSE6_FWB-6.4 Certification Exam Sample Questions [Q15-Q39]

Share

Get Dec-2023 updated NSE6_FWB-6.4 Certification Exam Sample Questions

NSE6_FWB-6.4 Study Guide Cover to Cover as Literally


Fortinet NSE6_FWB-6.4 (Fortinet NSE 6 - FortiWeb 6.4) Certification Exam is designed to validate the skills and knowledge of IT professionals in deploying, configuring, and managing FortiWeb solutions. FortiWeb is a web application firewall (WAF) designed to protect web applications from various types of attacks such as SQL injection, cross-site scripting (XSS), and more.


Fortinet NSE6_FWB-6.4 certification is a valuable certification for IT professionals looking to enhance their career prospects in network security and web application security. Fortinet NSE 6 - FortiWeb 6.4 certification validates the skills and knowledge required to configure and manage FortiWeb devices in a secure network environment. Fortinet NSE 6 - FortiWeb 6.4 certification exam is a challenging exam that requires extensive preparation and hands-on experience with FortiWeb devices. Successful candidates will be able to design and implement secure web application infrastructures, configure WAF policies, and deploy web applications with FortiWeb.

 

NEW QUESTION # 15
When FortiWeb triggers a redirect action, which two HTTP codes does it send to the client to inform the browser of the new URL? (Choose two.)

  • A. 0
  • B. 1
  • C. 2
  • D. 3

Answer: B,C


NEW QUESTION # 16
When integrating FortiWeb and FortiAnalyzer, why is the selection for FortiWeb Version critical? (Choose two)

  • A. Defines communication protocol
  • B. Defines Log storage location
  • C. Defines Log file format
  • D. Defines Database Schema

Answer: B,C


NEW QUESTION # 17
An e-commerce web app is used by small businesses. Clients often access it from offices behind a router, where clients are on an IPv4 private network LAN. You need to protect the web application from denial of service attacks that use request floods.
What FortiWeb feature should you configure?

  • A. Configure a server policy that matches requests from shared Internet connections.
  • B. Enable "Shared IP" and configure the separate rate limits for requests from NATted source IPs.
  • C. Enable SYN cookies.
  • D. Configure FortiWeb to use "X-Forwarded-For:" headers to find each client's private network IP, and to block attacks using that.

Answer: C


NEW QUESTION # 18
How does an ADOM differ from a VDOM?

  • A. ADOMs do not have virtual networking
  • B. ADOMs improve performance by offloading some functions.
  • C. Allows you to have 1 administrator for multiple tenants
  • D. ADOMs only affect specific functions, and do not provide full separation like VDOMs do.

Answer: A


NEW QUESTION # 19
Which three statements about HTTPS on FortiWeb are true? (Choose three.)

  • A. After enabling HSTS, redirects to HTTPS are no longer necessary.
  • B. In true transparent mode, the TLS session terminator is a protected web server.
  • C. In transparent inspection mode, you select which certificate that FortiWeb will present in the server pool, not in the server policy.
  • D. For SNI, you select the certificate that FortiWeb will present in the server pool, not in the server policy.
  • E. Enabling RC4 protects against the BEAST attack, but is not recommended if you configure FortiWeb to only offer TLS 1.2.

Answer: B,C,E


NEW QUESTION # 20
The FortiWeb machine learning (ML) feature is a two-phase analysis mechanism.
Which two functions does the first layer perform? (Choose two.)

  • A. Determines whether traffic is an anomaly, based on observed application traffic over time
  • B. Determines if a detected threat is a false-positive or not
  • C. Determines whether an anomaly is a real attack or just a benign anomaly that should be ignored
  • D. Builds a threat model behind every parameter and HTTP method

Answer: A,D

Explanation:
Explanation
The first layer uses the Hidden Markov Model (HMM) and monitors access to the application and collects data to build a mathematical model behind every parameter and HTTP method.


NEW QUESTION # 21
Refer to the exhibits.


FortiWeb is configured in reverse proxy mode and it is deployed downstream to FortiGate. Based on the configuration shown in the exhibits, which of the following statements is true?

  • A. FortiGate should forward web traffic to the server pool IP addresses.
  • B. The configuration is incorrect. FortiWeb should always be located upstream to FortiGate.
  • C. FortiGate should forward web traffic to virtual server IP address.
  • D. You must disable the Preserve Client IP setting on FotriGate for this configuration to work.

Answer: C


NEW QUESTION # 22
You've configured an authentication rule with delegation enabled on FortiWeb.
What happens when a user tries to access the web application?

  • A. FortiWeb forwards the HTTP challenge from the server to the client, then monitors the reply, allowing access if the user authenticates successfully
  • B. FortiWeb replies with a HTTP challenge of behalf of the server, the if the user authenticates successfully, FortiWeb allows the request and also includes credentials in the request that it forwards to the web app
  • C. FrotiWeb redirects users to a FortiAuthenticator page, then if the user authenticates successfully, FortiGate signals to FortiWeb to allow access to the web app
  • D. ForitWeb redirects the user to the web app's authentication page

Answer: C


NEW QUESTION # 23
True transparent proxy mode is best suited for use in which type of environment?

  • A. Environments where you cannot change the IP addressing scheme
  • B. Small office to home office environments
  • C. New networks where infrastructure is not yet defined
  • D. Flexible environments where you can easily change the IP addressing scheme

Answer: D

Explanation:
Explanation
"Because blocking is not guaranteed to succeed in offline mode, this mode is best used during the evaluation and planning phase, early in implementation. Reverse proxy is the most popular operating mode. It can rewrite URLs, offload TLS, load balance, and apply NAT. For very large MSSP, true transparent mode has a significant advantage. You can drop it in without changing any schemes of limited IPv4 space-in transparent mode, you don't need to give IP addresses to the network interfaces on FortiWeb."


NEW QUESTION # 24
What must you do with your FortiWeb logs to ensure PCI DSS compliance?

  • A. Erase them every two weeks
  • B. Store in an off-site location
  • C. Compress them into a .zip file format
  • D. Enable masking of sensitive data

Answer: D


NEW QUESTION # 25
What role does FortiWeb play in ensuring PCI DSS compliance?

  • A. It provides the WAF required by PCI.
  • B. It provides credit card processing capabilities.
  • C. It provides the required SQL server protection.
  • D. It provides the ability to securely process cash transactions.

Answer: A


NEW QUESTION # 26
Which of the following FortiWeb features is part of the mitigation tools against OWASP A4 threats?

  • A. Brute Force blocking
  • B. Sensitive info masking
  • C. Session Management
  • D. Poison Cookie detection

Answer: C


NEW QUESTION # 27
Refer to the exhibit.

FortiADC is applying SNAT to all inbound traffic going to the servers. When an attack occurs, FortiWeb blocks traffic based on the 192.0.2.1 source IP address, which belongs to FortiADC. The setup is breaking all connectivity and genuine clients are not able to access the servers.
What must the administrator do to avoid this problem? (Choose two.)

  • A. No Special configuration is required; connectivity will be re-established after the set timeout.
  • B. Place FortiWeb in front of FortiADC.
  • C. Enable the Use X-Forwarded-For setting on FortiWeb.
  • D. Enable the Add X-Forwarded-For setting on FortiWeb.

Answer: B,C

Explanation:
Explanation
Configure your load balancer to insert or append to an X-Forwarded-For:, X-Real-IP:, or other HTTP X-header. Also configure FortiWeb to find the original attacker's or client's IP address in that HTTP header


NEW QUESTION # 28
What is one of the key benefits of the FortiGuard IP reputation feature?

  • A. It provides a document of IP addresses that are suspect, so that administrators can manually update their blacklists.
  • B. It is updated once per year.
  • C. It maintains a list of private IP addresses.
  • D. It maintains a list of public IPs with a bad reputation for participating in attacks.

Answer: D

Explanation:
Explanation
FortiGuard IP Reputation service assigns a poor reputation, including virus-infected clients and malicious spiders/crawlers.


NEW QUESTION # 29
How does FortiWeb protect against defacement attacks?

  • A. It keeps a live duplicate of the database.
  • B. It keeps full copies of all files and directories.
  • C. It keeps hashes of files and periodically compares them to the server.
  • D. It keeps a complete backup of all files and the database.

Answer: C

Explanation:
Explanation
The anti-defacement feature examines a web site's files for changes at specified time intervals. If it detects a change that could indicate a defacement attack, the FortiWeb appliance can notify you and quickly react by automatically restoring the web site contents to the previous backup.


NEW QUESTION # 30
Which two statements about the anti-defacement feature on FortiWeb are true? (Choose two.)

  • A. Anti-defacement does not make a backup copy of your databases.
  • B. FortiWeb will only check to see if there are changes on the web server; it will not download the whole file each time.
  • C. Anti-defacement can redirect users to a backup web server, if it detects a change.
  • D. Anti-defacement downloads a copy of your website to RAM, in order to restore a clean image, if it detects defacement.

Answer: A,B

Explanation:
Explanation
Anti-defacement backs up web pages only, not databases.
If it detects any file changes, the FortiWeb appliance will download a new backup revision.


NEW QUESTION # 31
Which two statements about running a vulnerability scan are true? (Choose two.)

  • A. Vulnerability scanning increases the load on FortiWeb, so it should be avoided.
  • B. You should run the vulnerability scan on a live website to get accurate results.
  • C. You should run the vulnerability scan in a test environment.
  • D. You should run the vulnerability scan during a maintenance window.

Answer: C,D

Explanation:
Explanation
Should the Vulnerability Scanner allow it, SVMS will set the scan schedule (or schedules) to run in a maintenance window. SVMS will advise Client of the scanner's ability to complete the scan(s) within the maintenance window.
Vulnerabilities on live web sites. Instead, duplicate the web site and its database in a test environment.


NEW QUESTION # 32
Which would be a reason to implement HTTP rewriting?

  • A. To send the request to secure channel
  • B. The original page has moved to a new IP address
  • C. To replace a vulnerable function in the requested URL
  • D. The original page has moved to a new URL

Answer: C

Explanation:
Explanation
Create a new URL rewriting rule.


NEW QUESTION # 33
Which
regex expression is the correct format for redirecting the URL http://www.example.com?

  • A. www\.example\.com
  • B. www\example\com
  • C. www.example.com
  • D. www/.example/.com

Answer: C

Explanation:
Explanation
\1://www.company.com/\2/\3


NEW QUESTION # 34
You are configuring FortiAnalyzer to store logs from FortiWeb.
Which is true?

  • A. You must enable ADOMs on FortiAnalyzer.
  • B. FortiAnalyzer will store antivirus and DLP archives from FortiWeb.
  • C. FortiWeb will query FortiAnalyzer for reports, instead of generating them locally.
  • D. To store logs from FortiWeb 6.4, on FortiAnalyzer, you must select "FrotiWeb 6.1".

Answer: A


NEW QUESTION # 35
Review the following configuration:

What is the expected result of this configuration setting?

  • A. When machine learning (ML) is in its running phase, FortiWeb will accept a set number of samples from the same source IP address.
  • B. When machine learning (ML) is in its collecting phase, FortiWeb will not accept any samples from any source IP addresses.
  • C. When machine learning (ML) is in its collecting phase, FortiWeb will accept an unlimited number of samples from the same source IP address.
  • D. When machine learning (ML) is in its running phase, FortiWeb will accept an unlimited number of samples from the same source IP address.

Answer: C


NEW QUESTION # 36
You are using HTTP content routing on FortiWeb. Requests for web app A should be forwarded to a cluster of web servers which all host the same web app. Requests for web app B should be forwarded to a different, single web server.
Which is true about the solution?

  • A. The server policy applies the same protection profile to all its protected web apps.
  • B. To achieve HTTP content routing, you must chain policies: the first policy accepts all traffic, and forwards requests for web app A to the virtual server for policy A. It also forwards requests for web app B to the virtual server for policy B. Policy A and Policy B apply their app-specific protection profiles, and then distribute that app's traffic among all members of the server farm.
  • C. Static or policy-based routes are not required.
  • D. You must put the single web server into a server pool in order to use it with HTTP content routing.

Answer: B


NEW QUESTION # 37
......


Achieving Fortinet NSE6_FWB-6.4 certification has several benefits for security professionals. It demonstrates their proficiency in implementing and managing FortiWeb 6.4, which is a critical component of an organization's web application security strategy. Additionally, it validates their knowledge of web application security concepts and security technologies, which are in high demand in the industry. Finally, Fortinet NSE6_FWB-6.4 certification opens up several career opportunities for security professionals, including roles such as network security engineer, security analyst, and security consultant.

 

100% Real & Accurate NSE6_FWB-6.4 Questions and Answers with Free and Fast Updates: https://www.pass4sures.top/NSE-6-Network-Security-Specialist/NSE6_FWB-6.4-testking-braindumps.html

Related Articles

more
Fortinet NSE6_FWB-6.4 Certification Practice Exam