Practice Exams:

Free NSE6_FWB-6.4 Exam Braindumps

Pass your Fortinet NSE 6 - FortiWeb 6.4 exam with these free Questions and Answers

Page 2 of 12
PDF with 56 Questions
QUESTION 1

In which two operating modes can FortiWeb modify HTTP packets? (Choose two.)

  1. A. Offline protection
  2. B. Transparent inspection
  3. C. True transparent proxy
  4. D. Reverse proxy

Correct Answer: CD

QUESTION 2

What is one of the key benefits of the FortiGuard IP reputation feature?

  1. A. It maintains a list of private IP addresses.
  2. B. It provides a document of IP addresses that are suspect, so that administrators can manually update their blacklists.
  3. C. It is updated once per year.
  4. D. It maintains a list of public IPs with a bad reputation for participating in attacks.

Correct Answer: D
FortiGuard IP Reputation service assigns a poor reputation, including virus-infected clients and malicious spiders/crawlers.

QUESTION 3

Which three statements about HTTPS on FortiWeb are true? (Choose three.)

  1. A. For SNI, you select the certificate that FortiWeb will present in the server pool, not in the server policy.
  2. B. After enabling HSTS, redirects to HTTPS are no longer necessary.
  3. C. In true transparent mode, the TLS session terminator is a protected web server.
  4. D. Enabling RC4 protects against the BEAST attack, but is not recommended if you configure FortiWeb to only offer TLS 1.2.
  5. E. In transparent inspection mode, you select which certificate that FortiWeb will present in the server pool, not in the server policy.

Correct Answer: CDE

QUESTION 4

What other consideration must you take into account when configuring Defacement protection

  1. A. Use FortiWeb to block SQL Injections and keep regular backups of the Database
  2. B. Also incorporate a FortiADC into your network
  3. C. Non
  4. D. FortiWeb completely secures the site against defacement attacks
  5. E. Configure the FortiGate to perform Anti-Defacement as well

Correct Answer: A

QUESTION 5

When is it possible to use a self-signed certificate, rather than one purchased from a commercial certificate authority?

  1. A. If you are a small business or home office
  2. B. If you are an enterprise whose employees use only mobile devices
  3. C. If you are an enterprise whose resources do not need security
  4. D. If you are an enterprise whose computers all trust your active directory or other CA server

Correct Answer: D

Page 2 of 12
PDF with 56 Questions

Post your Comments and Discuss Fortinet NSE6_FWB-6.4 exam with other Community members: