시험덤프
매달, 우리는 1000명 이상의 사람들이 시험 준비를 잘하고 시험을 잘 통과할 수 있도록 도와줍니다.
  / NSE6_FWB-6.4 덤프  / NSE6_FWB-6.4 문제 연습

Fortinet NSE6_FWB-6.4 시험

Fortinet NSE 6 - FortiWeb 6.4 온라인 연습

최종 업데이트 시간: 2024년12월12일

당신은 온라인 연습 문제를 통해 Fortinet NSE6_FWB-6.4 시험지식에 대해 자신이 어떻게 알고 있는지 파악한 후 시험 참가 신청 여부를 결정할 수 있다.

시험을 100% 합격하고 시험 준비 시간을 35% 절약하기를 바라며 NSE6_FWB-6.4 덤프 (최신 실제 시험 문제)를 사용 선택하여 현재 최신 56개의 시험 문제와 답을 포함하십시오.

 / 2

Question No : 1


What key factor must be considered when setting brute force rate limiting and blocking?

정답:
Explanation:
https://training.fortinet.com/course/view.php?id=3363 What is one key factor that you must consider when setting brute force rate limiting and blocking? Multiple clients sharing a single Internet connection

Question No : 2


Refer to the exhibit.



There is only one administrator account configured on FortiWeb .
What must an administrator do to restrict any brute force attacks that attempt to gain access to the FortiWeb management GUI?

정답:
Explanation:
Reference: https://docs.fortinet.com/document/fortiweb/6.1.1/administration-guide/397469/preventing-brute-force-logins

Question No : 3


What role does FortiWeb play in ensuring PCI DSS compliance?

정답:

Question No : 4


What must you do with your FortiWeb logs to ensure PCI DSS compliance?

정답:
Explanation:
Reference: https://docplayer.net/8466775-Fortiweb-web-application-firewall-ensuring-compliance-for-pci-dss-requirement-6-6-solution-guide.html

Question No : 5


Which two statements about the anti-defacement feature on FortiWeb are true? (Choose two.)

정답:
Explanation:
Anti-defacement backs up web pages only, not databases.
If it detects any file changes, the FortiWeb appliance will download a new backup revision.
Reference: https://help.fortinet.com/fweb/551/Content/FortiWeb/fortiweb-admin/anti_defacement.htm

Question No : 6


Review the following configuration:



What is the expected result of this configuration setting?

정답:

Question No : 7


True transparent proxy mode is best suited for use in which type of environment?

정답:
Explanation:
"Because blocking is not guaranteed to succeed in offline mode, this mode is best used during the evaluation and planning phase, early in implementation. Reverse proxy is the most popular operating mode. It can rewrite URLs, offload TLS, load balance, and apply NAT. For very large MSSP, true transparent mode has a significant advantage. You can drop it in without changing any schemes of limited IPv4 spaceCin transparent mode, you don’t need to give IP addresses to the network interfaces on FortiWeb."

Question No : 8


When FortiWeb triggers a redirect action, which two HTTP codes does it send to the client to inform the browser of the new URL? (Choose two.)

정답:
Explanation:
Reference: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/302

Question No : 9


Which regex expression is the correct format for redirecting the URL http://www.example.com?

정답:
Explanation:
Reference: https://learn.akamai.com/en-us/webhelp/edge-redirector/edge-redirector-guide/GUID-0C22DFC2-DCC4-42AF-BDB2-9537FBEE03FD.html

Question No : 10


What can an administrator do if a client has been incorrectly period blocked?

정답:
Explanation:
Block Period
Enter the number of seconds that you want to block the requests. The valid range is 1C3,600 seconds. The default value is 60 seconds.
This option only takes effect when you choose Period Block in Action.
Note: That’s a temporary blacklist so you can manually release them from the blacklist.
Reference: https://docs.fortinet.com/document/fortiweb/6.3.1/administration-guide/600188/configuring-bot-detection-profiles

Question No : 11


Refer to the exhibit.



Many legitimate users are being identified as bots. FortiWeb bot detection has been configured with the settings shown in the exhibit. The FortiWeb administrator has already verified that the current model is accurate.
What can the administrator do to fix this problem, making sure that real bots are not allowed through FortiWeb?

정답:
Explanation:
Bot Confirmation
If the number of anomalies from a user has reached the Anomaly Count, the system executes Bot Confirmation before taking actions.
The Bot Confirmation is to confirm if the user is indeed a bot. The system sends RBE (Real Browser Enforcement) JavaScript or CAPTCHA to the client to double check if it's a real bot.
Reference: https://docs.fortinet.com/document/fortiweb/6.3.1/administration-guide/600188/configuring-bot-detection-profiles

Question No : 12


A client is trying to start a session from a page that would normally be accessible only after the client has logged in.
When a start page rule detects the invalid session access, what can FortiWeb do? (Choose three.)

정답:
Explanation:
Reference: https://help.fortinet.com/fweb/607/Content/FortiWeb/fortiweb-admin/specify_urls_to_initiate.htm

Question No : 13


Which algorithm is used to build mathematical models for bot detection?

정답:
Explanation:
FortiWeb uses SVM (Support Vector Machine) algorithm to build up the bot detection model
Reference: https://docs.fortinet.com/document/fortiweb/6.3.7/administration-guide/193258/machine-learning

Question No : 14


Refer to the exhibit.



FortiWeb is configured to block traffic from Japan to your web application server. However, in the logs, the administrator is seeing traffic allowed from one particular IP address which is geo-located in Japan.
What can the administrator do to solve this problem? (Choose two.)

정답:

Question No : 15


Refer to the exhibit.



Based on the configuration, what would happen if this FortiWeb were to lose power? (Choose two.)

정답:
Explanation:
Reference: https://docs.fortinet.com/document/fortiweb/6.3.10/administration-guide/33485/fail-to-wire-for-power-loss-reboots

 / 2
Fortinet