Nest 0 Cart
Nest Account
Popular Exams
All Categories...
Nest
Nest 0
Contact
Log In / Sign Up
Copyright 2024 © store. All rights reserved.
Home Fortinet NSE6_FWB-6.1

Fortinet NSE6_FWB-6.1 Exam Practice Questions (P. 2)

  • Full Access (30 questions)
  • Six months of Premium Access
  • Access to one million comments
  • Seamless ChatGPT Integration
  • Ability to download PDF files
  • Anki Flashcard files for revision
  • No Captcha & No AdSense
  • Advanced Exam Configuration
Get Contributor Access
Question #6
Refer to the exhibit.

Based on the configuration, what would happen if this FortiWeb were to lose power? (Choose two.)
  1. A
    Traffic that passes between port5 and port6 will be inspected.
  2. B
    Traffic will be interrupted between port3 and port4.
  3. C
    All traffic will be interrupted.
  4. D
    Traffic will pass between port5 and port6 uninspected.

Correct Answer:
BD
Reference:
https://docs.fortinet.com/document/fortiweb/6.3.10/administration-guide/33485/fail-to-wire-for-power-loss-reboots

Question #7
Refer to the exhibit.

FortiWeb is configured to block traffic from Japan to your web application server. However, in the logs, the administrator is seeing traffic allowed from one particular IP address which is geo-located in Japan.
What can the administrator do to solve this problem? (Choose two.)
  1. A
    Manually update the geo-location IP addresses for Japan.
  2. B
    If the IP address is configured as a geo reputation exception, remove it.
  3. C
    Configure the IP address as a blacklisted IP address.
  4. D
    If the IP address is configured as an IP reputation exception, remove it.

Correct Answer:
AC
IP reputation leverages many techniques for accurate, early, and frequently updated identification of compromised and malicious clients so you can block attackers before they target your servers.
IP blacklisting is a method used to filter out illegitimate or malicious IP addresses from accessing your networks. Blacklists are lists containing ranges of or individual IP addresses that you want to block.
Reference:
https://docs.fortinet.com/document/fortiweb/6.3.5/administration-guide/137271/blacklisting-whitelisting-clients https://www.imperva.com/learn/application-security/ip-blacklist/

Question #8
Which algorithm is used to build mathematical models for bot detection?
  1. A
    HCM
  2. B
    SVN
  3. C
    SVM
  4. D
    HMM

Correct Answer:
C
FortiWeb uses SVM (Support Vector Machine) algorithm to build up the bot detection model
Reference:
https://docs.fortinet.com/document/fortiweb/6.3.7/administration-guide/193258/machine-learning

Question #9
A client is trying to start a session from a page that would normally be accessible only after the client has logged in.
When a start page rule detects the invalid session access, what can FortiWeb do? (Choose three.)
  1. A
    Display an access policy message, then allow the client to continue
  2. B
    Redirect the client to the login page
  3. C
    Allow the page access, but log the violation
  4. D
    Prompt the client to authenticate
  5. E
    Reply with a 403 Forbidden HTTP error

Correct Answer:
BCE
Reference:
https://help.fortinet.com/fweb/607/Content/FortiWeb/fortiweb-admin/specify_urls_to_initiate.htm

Question #10
Refer to the exhibit.

Many legitimate users are being identified as bots. FortiWeb bot detection has been configured with the settings shown in the exhibit. The FortiWeb administrator has already verified that the current model is accurate.
What can the administrator do to fix this problem, making sure that real bots are not allowed through FortiWeb?
  1. A
    Change Model Type to Strict
  2. B
    Change Action under Action Settings to Alert
  3. C
    Disable Dynamically Update Model
  4. D
    Enable Bot Confirmation

Correct Answer:
D
Bot Confirmation -
If the number of anomalies from a user has reached the Anomaly Count, the system executes Bot Confirmation before taking actions.
The Bot Confirmation is to confirm if the user is indeed a bot. The system sends RBE (Real Browser Enforcement) JavaScript or CAPTCHA to the client to double check if it's a real bot.
Reference:
https://docs.fortinet.com/document/fortiweb/6.3.1/administration-guide/600188/configuring-bot-detection-profiles

Previous Questions Next Questions

All Pages