NSE6_FWB-6.1 Online Practice Questions and Answers

Which of the following would be a reason for implementing rewrites?

A. Page has been moved to a new URL

B. Page has been moved to a new IP address

C. Replace vulnerable functions.

D. Send connection to secure channel

Which is true about HTTPS on FortiWeb? (Choose three.)

A. For SNI, you select the certificate that FortiWeb will present in the server pool, not in the server policy.

B. After enabling HSTS, redirects to HTTPS are no longer necessary.

C. In true transparent mode, the TLS session terminator is a protected web server.

D. Enabling RC4 protects against the BEAST attack, but is not recommended if you configure FortiWeb to only offer TLS 1.2.

E. In transparent inspection mode, you select which certificate that FortiWeb will present in the server pool, not in the server policy.

Which of the following is true about Local User Accounts?

A. Must be assigned regardless of any other authentication

B. Can be used for Single Sign On

C. Can be used for site publishing

D. Best suited for large environments with many users

In which operation mode(s) can FortiWeb modify HTTP packets? (Choose two.)

A. Transparent Inspection

B. Offline protection

C. True transparent proxy

D. Reverse proxy

What other consideration must you take into account when configuring Defacement protection A. Use FortiWeb to block SQL Injections and keep regular backups of the Database

B. Also incorporate a FortiADC into your network

C. None. FortiWeb completely secures the site against defacement attacks

D. Configure the FortiGate to perform Anti-Defacement as well

You are deploying FortiWeb 6.0 in an Amazon Web Services cloud. Which 2 lines of this initial setup via CLI are incorrect? (Choose two.)

A. 6

B. 9

C. 3

D. 2

You've configured an authentication rule with delegation enabled on FortiWeb. What happens when a user tries to access the web application?

A. FrotiWeb redirects users to a FortiAuthenticator page, then if the user authenticates successfully, FortiGate signals to FortiWeb to allow access to the web app

B. ForitWeb redirects the user to the web app's authentication page

C. FortiWeb forwards the HTTP challenge from the server to the client, then monitors the reply, allowing access if the user authenticates successfully

D. FortiWeb replies with a HTTP challenge of behalf of the server, the if the user authenticates successfully, FortiWeb allows the request and also includes credentials in the request that it forwards to the web app

Which implementation is best suited for a deployment that must meet compliance criteria?

A. SSL Inspection with FortiWeb in Transparency mode

B. SSL Offloading with FortiWeb in reverse proxy mode

C. SSL Inspection with FrotiWeb in Reverse Proxy mode

D. SSL Offloading with FortiWeb in Transparency Mode

Reverse-proxy mode is best suited for use in which type of environment?

A. New networks where infrastructure is not yet defined

B. Environments where you cannot change your IP addressing scheme

C. Flexible environments where you can easily change the IP addressing scheme

D. Small Office/Home Office environments

Under which circumstances does FortiWeb use its own certificates? (Choose Two)

A. Secondary HTTPS connection to server where FortiWeb acts as a client

B. HTTPS to clients

C. HTTPS access to GUI

D. HTTPS to FortiGate