NSE6_FWB-6.4 Fortinet NSE 6 - FortiWeb 6.4 Questions and Answers

6

9

3

2

FortiGate should forward web traffic to the server pool IP addresses.

The configuration is incorrect. FortiWeb should always be located upstream to FortiGate.

You must disable the Preserve Client IP setting on FotriGate for this configuration to work.

FortiGate should forward web traffic to virtual server IP address.

SSL Inspection with FortiWeb in Transparency mode

SSL Offloading with FortiWeb in reverse proxy mode

SSL Inspection with FrotiWeb in Reverse Proxy mode

SSL Offloading with FortiWeb in Transparency Mode

Static or policy-based routes are not required.

To achieve HTTP content routing, you must chain policies: the first policy accepts all traffic, and forwards requests for web app A to the virtual server for policy A. It also forwards requests for web app B to the virtual server for policy B. Policy A and Policy B apply their app-specific protection profiles, and then distribute that app’s traffic among all members of the server farm.

You must put the single web server into a server pool in order to use it with HTTP content routing.

The server policy applies the same protection profile to all its protected web apps.

For SNI, you select the certificate that FortiWeb will present in the server pool, not in the server policy.

After enabling HSTS, redirects to HTTPS are no longer necessary.

In true transparent mode, the TLS session terminator is a protected web server.

Enabling RC4 protects against the BEAST attack, but is not recommended if you configure FortiWeb to only offer TLS 1.2.

In transparent inspection mode, you select which certificate that FortiWeb will present in the server pool, not in the server policy.

When you are serving many corporate road warriors using 4G tablets and phones

When you are offering a music streaming service

When you want to reduce buffering of video streams

Never, since most traffic today is already highly compressed

Must be assigned regardless of any other authentication

Can be used for Single Sign On

Can be used for site publishing

Best suited for large environments with many users

Determines whether an anomaly is a real attack or just a benign anomaly that should be ignored

Builds a threat model behind every parameter and HTTP method

Determines if a detected threat is a false-positive or not

Determines whether traffic is an anomaly, based on observed application traffic over time

Reply with a “403 Forbidden” HTTP error

Allow the page access, but log the violation

Automatically redirect the client to the login page

Display an access policy message, then allow the client to continue, redirecting them to their requested page

Prompt the client to authenticate

Manually update the geo-location IP addresses for Japan.

If the IP address is configured as a geo reputation exception, remove it.

Configure the IP address as a blacklisted IP address.

If the IP address is configured as an IP reputation exception, remove it.

Restart the FortiWeb to clear the caches

Drill down in the report to correct any false positives.

Activate the report to create t profile

Take the FortiWeb offline to apply the profile

Anti-defacement can redirect users to a backup web server, if it detects a change.

Anti-defacement downloads a copy of your website to RAM, in order to restore a clean image, if it detects defacement.

FortiWeb will only check to see if there are changes on the web server; it will not download the whole file each time.

Anti-defacement does not make a backup copy of your databases.

You must enable the “Use” X-Forwarded-For: option.

FortiWeb must be set for Transparent Mode

No special configuration required

You must enable “Add” X-Forwarded-For: instead of the “Use” X-Forwarded-For: option.