• Home
  • Articles
  • The Best Fortinet NSE6_FWB-6.4 Study Guides and Dumps of 2024 [Q18-Q36]

The Best Fortinet NSE6_FWB-6.4 Study Guides and Dumps of 2024 [Q18-Q36]

Share

The Best Fortinet NSE6_FWB-6.4 Study Guides and Dumps of 2024

Top Fortinet NSE6_FWB-6.4 Exam Audio Study Guide! Practice Questions Edition


Fortinet NSE6_FWB-6.4 certification exam covers a wide range of topics, including FortiWeb system architecture, deployment modes, security policies, web application firewall (WAF) rules, SSL/TLS encryption, authentication and access control, logging and reporting, and advanced threat protection. NSE6_FWB-6.4 exam consists of multiple-choice questions, and test-takers have 120 minutes to complete it. The passing score for NSE6_FWB-6.4 exam is 60%, and it is available in multiple languages, including English, Japanese, and Chinese.

 

NEW QUESTION # 18
How does your FortiWeb configuration differ if the FortiWeb is upstream of the SNAT device instead of downstream of the SNAT device?

  • A. You must enable the "Use" X-Forwarded-For: option.
  • B. No special configuration required
  • C. You must enable "Add" X-Forwarded-For: instead of the "Use" X-Forwarded-For: option.
  • D. FortiWeb must be set for Transparent Mode

Answer: C


NEW QUESTION # 19
Which three statements about HTTPS on FortiWeb are true? (Choose three.)

  • A. For SNI, you select the certificate that FortiWeb will present in the server pool, not in the server policy.
  • B. In true transparent mode, the TLS session terminator is a protected web server.
  • C. In transparent inspection mode, you select which certificate that FortiWeb will present in the server pool, not in the server policy.
  • D. Enabling RC4 protects against the BEAST attack, but is not recommended if you configure FortiWeb to only offer TLS 1.2.
  • E. After enabling HSTS, redirects to HTTPS are no longer necessary.

Answer: B,C,D


NEW QUESTION # 20
Which would be a reason to implement HTTP rewriting?

  • A. To send the request to secure channel
  • B. The original page has moved to a new URL
  • C. To replace a vulnerable function in the requested URL
  • D. The original page has moved to a new IP address

Answer: C

Explanation:
Explanation
Create a new URL rewriting rule.


NEW QUESTION # 21
When the FortiWeb is configured in Reverse Proxy mode and the FortiGate is configured as an SNAT device, what IP address will the FortiGate's Real Server configuration point at?

  • A. IP Address of the Virtual Server on the FortiWeb
  • B. Virtual Server IP on the FortiGate
  • C. Server's real IP
  • D. FortiWeb's real IP

Answer: B


NEW QUESTION # 22
A client is trying to start a session from a page that would normally be accessible only after the client has logged in.
When a start page rule detects the invalid session access, what can FortiWeb do? (Choose three.)

  • A. Prompt the client to authenticate
  • B. Allow the page access, but log the violation
  • C. Display an access policy message, then allow the client to continue
  • D. Reply with a 403 Forbidden HTTP error
  • E. Redirect the client to the login page

Answer: B,D,E


NEW QUESTION # 23
Refer to the exhibit.

FortiWeb is configured to block traffic from Japan to your web application server. However, in the logs, the administrator is seeing traffic allowed from one particular IP address which is geo-located in Japan.
What can the administrator do to solve this problem? (Choose two.)

  • A. Configure the IP address as a blacklisted IP address.
  • B. If the IP address is configured as a geo reputation exception, remove it.
  • C. If the IP address is configured as an IP reputation exception, remove it.
  • D. Manually update the geo-location IP addresses for Japan.

Answer: A,B


NEW QUESTION # 24
When generating a protection configuration from an auto learning report what critical step must you do before generating the final protection configuration?

  • A. Activate the report to create t profile
  • B. Restart the FortiWeb to clear the caches
  • C. Drill down in the report to correct any false positives.
  • D. Take the FortiWeb offline to apply the profile

Answer: C


NEW QUESTION # 25
The FortiWeb machine learning (ML) feature is a two-phase analysis mechanism.
Which two functions does the first layer perform? (Choose two.)

  • A. Determines if a detected threat is a false-positive or not
  • B. Determines whether an anomaly is a real attack or just a benign anomaly that should be ignored
  • C. Builds a threat model behind every parameter and HTTP method
  • D. Determines whether traffic is an anomaly, based on observed application traffic over time

Answer: C,D

Explanation:
Explanation
The first layer uses the Hidden Markov Model (HMM) and monitors access to the application and collects data to build a mathematical model behind every parameter and HTTP method.


NEW QUESTION # 26
You are configuring FortiAnalyzer to store logs from FortiWeb.
Which is true?

  • A. To store logs from FortiWeb 6.4, on FortiAnalyzer, you must select "FrotiWeb 6.1".
  • B. You must enable ADOMs on FortiAnalyzer.
  • C. FortiAnalyzer will store antivirus and DLP archives from FortiWeb.
  • D. FortiWeb will query FortiAnalyzer for reports, instead of generating them locally.

Answer: B


NEW QUESTION # 27
Which algorithm is used to build mathematical models for bot detection?

  • A. HMM
  • B. SVM
  • C. HCM
  • D. SVN

Answer: B

Explanation:
Explanation
FortiWeb uses SVM (Support Vector Machine) algorithm to build up the bot detection model


NEW QUESTION # 28
Which two statements about the anti-defacement feature on FortiWeb are true? (Choose two.)

  • A. Anti-defacement downloads a copy of your website to RAM, in order to restore a clean image, if it detects defacement.
  • B. Anti-defacement does not make a backup copy of your databases.
  • C. Anti-defacement can redirect users to a backup web server, if it detects a change.
  • D. FortiWeb will only check to see if there are changes on the web server; it will not download the whole file each time.

Answer: B,D

Explanation:
Explanation
Anti-defacement backs up web pages only, not databases.
If it detects any file changes, the FortiWeb appliance will download a new backup revision.


NEW QUESTION # 29
What key factor must be considered when setting brute force rate limiting and blocking?

  • A. Multiple clients sharing a single Internet connection
  • B. Multiple clients connecting to multiple resources
  • C. Multiple clients from geographically diverse locations
  • D. A single client contacting multiple resources

Answer: A

Explanation:
Explanation
https://training.fortinet.com/course/view.php?id=3363 What is one key factor that you must consider when setting brute force rate limiting and blocking? Multiple clients sharing a single Internet connection


NEW QUESTION # 30
You are using HTTP content routing on FortiWeb. Requests for web app A should be forwarded to a cluster of web servers which all host the same web app. Requests for web app B should be forwarded to a different, single web server.
Which is true about the solution?

  • A. The server policy applies the same protection profile to all its protected web apps.
  • B. To achieve HTTP content routing, you must chain policies: the first policy accepts all traffic, and forwards requests for web app A to the virtual server for policy A. It also forwards requests for web app B to the virtual server for policy B. Policy A and Policy B apply their app-specific protection profiles, and then distribute that app's traffic among all members of the server farm.
  • C. Static or policy-based routes are not required.
  • D. You must put the single web server into a server pool in order to use it with HTTP content routing.

Answer: B


NEW QUESTION # 31
Review the following configuration:

What is the expected result of this configuration setting?

  • A. When machine learning (ML) is in its running phase, FortiWeb will accept an unlimited number of samples from the same source IP address.
  • B. When machine learning (ML) is in its collecting phase, FortiWeb will not accept any samples from any source IP addresses.
  • C. When machine learning (ML) is in its running phase, FortiWeb will accept a set number of samples from the same source IP address.
  • D. When machine learning (ML) is in its collecting phase, FortiWeb will accept an unlimited number of samples from the same source IP address.

Answer: D


NEW QUESTION # 32
What must you do with your FortiWeb logs to ensure PCI DSS compliance?

  • A. Compress them into a .zip file format
  • B. Store in an off-site location
  • C. Erase them every two weeks
  • D. Enable masking of sensitive data

Answer: D


NEW QUESTION # 33
In Reverse proxy mode, how does FortiWeb handle traffic that does not match any defined policies?

  • A. Non-matching traffic is allowed
  • B. Non-matching traffic is Denied
  • C. non-Matching traffic is held in buffer
  • D. Non-matching traffic is rerouted to FortiGate

Answer: B


NEW QUESTION # 34
You are deploying FortiWeb 6.4 in an Amazon Web Services cloud. Which 2 lines of this initial setup via CLI are incorrect? (Choose two.)

  • A. 0
  • B. 1
  • C. 2
  • D. 3

Answer: A,C


NEW QUESTION # 35
Refer to the exhibit.

There is only one administrator account configured on FortiWeb. What must an administrator do to restrict any brute force attacks that attempt to gain access to the FortiWeb management GUI?

  • A. Change the Access Profile to Read_Only.
  • B. Configure IPv4 Trusted Host # 3 with a specific IP address.
  • C. Delete the built-in administrator user and create a new one.
  • D. The configuration changes must be made on the upstream device.

Answer: B


NEW QUESTION # 36
......

Valid NSE6_FWB-6.4 Exam Updates - 2024 Study Guide: https://passguide.testkingpass.com/NSE6_FWB-6.4-testking-dumps.html

Related Articles

more
Fortinet NSE6_FWB-6.4 Certification Practice Exam