NSE6_FWB-6.1 Online Practice Questions and Answers

You are configuring FortiAnalyzer to store logs from FortiWeb. Which is true?

A. FortiAnalyzer will store antivirus and DLP archives from FortiWeb.

B. You must enable ADOMs on FortiAnalyzer.

C. To store logs from FortiWeb 6.0, on FortiAnalyzer, you must select "FrotiWeb 5.4".

D. FortiWeb will query FortiAnalyzer for reports, instead of generating them locally.

Which of the following would be a reason for implementing rewrites?

A. Page has been moved to a new URL

B. Page has been moved to a new IP address

C. Replace vulnerable functions.

D. Send connection to secure channel

A client is trying to start a session from a page that should normally be accessible only after they have

logged in.

When a start page rule detects the invalid session access, what can FortiWeb do? (Choose three.)

A. Reply with a "403 Forbidden" HTTP error

B. Allow the page access, but log the violation

C. Automatically redirect the client to the login page

D. Display an access policy message, then allow the client to continue, redirecting them to their requested page

E. Prompt the client to authenticate

When viewing the attack logs on your FortiWeb, which IP Address is shown for the client when using XFF Header rules?

A. FortiGate's public IP

B. FortiGate's local IP

C. FortiWeb's IP

D. Client's real IP

You are deploying FortiWeb 6.0 in an Amazon Web Services cloud. Which 2 lines of this initial setup via CLI are incorrect? (Choose two.)

A. 6

B. 9

C. 3

D. 2

How does offloading compression to FortiWeb benefit your network?

A. free up resources on the database server

B. Free up resources on the web server

C. reduces file size on the client's storage

D. free up resources on the FortiGate

You are using HTTP content routing on FortiWeb. Requests for web app A should be forwarded to a

cluster of web servers which all host the same web app. Requests for web app B should be forwarded to a

different, single web server.

Which is true about the solution?

A. Static or policy-based routes are not required.

B. To achieve HTTP content routing, you must chain policies: the first policy accepts all traffic, and forwards requests for web app A to the virtual server for policy A. It also forwards requests for web app B to the virtual server for policy B. Policy A and Policy B apply their app-specific protection profiles, and then distribute that app's traffic among all members of the server farm.

C. You must put the single web server into a server pool in order to use it with HTTP content routing.

D. The server policy applies the same protection profile to all its protected web apps.

When integrating FortiWeb and FortiAnalyzer, why is the selection for FortiWeb Version critical? (Choose two)

A. Defines Log file format

B. Defines communication protocol

C. Defines Database Schema

D. Defines Log storage location

Which operation mode does not require additional configuration in order to allow FTP traffic to your web server?

A. Offline Protection

B. Transparent Inspection

C. True Transparent Proxy

D. Reverse-Proxy

Reverse-proxy mode is best suited for use in which type of environment?

A. New networks where infrastructure is not yet defined

B. Environments where you cannot change your IP addressing scheme

C. Flexible environments where you can easily change the IP addressing scheme

D. Small Office/Home Office environments