Free share a part of the Fortinet NSE6_FWB-6.1 exam dumps to help you study for the exam, you can practice the test online to improve your exam skills.
We also provide a complete Fortinet NSE6_FWB-6.1 dumps exam question entry https://www.leads4pass.com/nse6_fwb-6-1.html (Total Questions: 30 Q&A)
All exam questions and answers are updated throughout the year, true and effective, to ensure that the first exam is successfully passed!
Download Fortinet NSE6_FWB-6.1 exam PDF for free
Google Drive: https://drive.google.com/file/d/1AzkxXcHwEKaN81L9vOhKAL2l-Gk9GmkW/view?usp=sharing
Participate in the Fortinet NSE6_FWB-6.1 online exam practice test
Exam answers are announced at the end of the article
QUESTION 1
An e-commerce web app is used by small businesses. Clients often access it from offices behind a router,
where clients are on an IPv4 private network LAN. You need to protect the web application from denial of
service attacks that use request floods.
What FortiWeb feature should you configure?
A. Enable “Shared IP” and configure the separate rate limits for requests from NATted source IPs.
B. Configure FortiWeb to use “X-Forwarded-For:” headers to find each client\\’s private network IP, and to block attacks using that.
C. Enable SYN cookies.
D. Configure a server policy that matches requests from shared Internet connections.
QUESTION 2
Which of the following is true about Local User Accounts?
A. Must be assigned regardless of any other authentication
B. Can be used for Single Sign On
C. Can be used for site publishing
D. Best suited for large environments with many users
QUESTION 3
When the FortiWeb is configured in Reverse Proxy mode and the FortiGate is configured as an SNAT device, what IP address will the FortiGate\\’s Real Server configuration point at?
A. Virtual Server IP on the FortiGate
B. Server\\’s real IP
C. FortiWeb\\’s real IP
D. IP Address of the Virtual Server on the FortiWeb
QUESTION 4
Under which circumstances does FortiWeb use its own certificates? (Choose Two)
A. Secondary HTTPS connection to server where FortiWeb acts as a client
B. HTTPS to clients
C. HTTPS access to GUI
D. HTTPS to FortiGate
QUESTION 5
Which of the following would be a reason for implementing rewrites?
A. Page has been moved to a new URL
B. Page has been moved to a new IP address
C. Replace vulnerable functions.
D. Send connection to secure channel
QUESTION 6
You\\’ve configured an authentication rule with delegation enabled on FortiWeb. What happens when a user tries to access the web application?
A. FrotiWeb redirects users to a FortiAuthenticator page, then if the user authenticates successfully, FortiGate signals to
FortiWeb to allow access to the web app
B. ForitWeb redirects the user to the web app\\’s authentication page
C. FortiWeb forwards the HTTP challenge from the server to the client, then monitors the reply, allowing access if the user authenticates successfully
D. FortiWeb replies with a HTTP challenge of behalf of the server, the if the user authenticates successfully, FortiWeb
allows the request and also includes credentials in the request that it forwards to the web app
QUESTION 7
You are configuring FortiAnalyzer to store logs from FortiWeb. Which is true?
A. FortiAnalyzer will store antivirus and DLP archives from FortiWeb.
B. You must enable ADOMs on FortiAnalyzer.
C. To store logs from FortiWeb 6.0, on FortiAnalyzer, you must select “FrotiWeb 5.4”.
D. FortiWeb will query FortiAnalyzer for reports, instead of generating them locally.
QUESTION 8
A client is trying to start a session from a page that should normally be accessible only after they have
logged in.
When a start page rule detects the invalid session access, what can FortiWeb do? (Choose three.)
A. Reply with a “403 Forbidden” HTTP error
B. Allow the page access, but log the violation
C. Automatically redirect the client to the login page
D. Display an access policy message, then allow the client to continue, redirecting them to their requested page
E. Prompt the client to authenticate
QUESTION 9
Which implementation is best suited for a deployment that must meet compliance criteria?
A. SSL Inspection with FortiWeb in Transparency mode
B. SSL Offloading with FortiWeb in reverse proxy mode
C. SSL Inspection with FrotiWeb in Reverse Proxy mode
D. SSL Offloading with FortiWeb in Transparency Mode
QUESTION 10
How does an ADOM differ from a VDOM?
A. ADOMs do not have virtual networking
B. ADOMs improve performance by offloading some functions.
C. ADOMs only affect specific functions, and do not provide full separation like VDOMs do.
D. Allows you to have 1 administrator for multiple tenants
QUESTION 11
You are using HTTP content routing on FortiWeb. Requests for web app A should be forwarded to a
cluster of web servers which all host the same web app. Requests for web app B should be forwarded to a
different, single web server.
Which is true about the solution?
A. Static or policy-based routes are not required.
B. To achieve HTTP content routing, you must chain policies: the first policy accepts all traffic, and forwards requests for web app A to the virtual server for policy A. It also forwards requests for web app B to the virtual server for policy B.
Policy A and Policy B apply their app-specific protection profiles, and then distribute that app\\’s traffic among all members of the server farm.
C. You must put the single web server into a server pool in order to use it with HTTP content routing.
D. The server policy applies the same protection profile to all its protected web apps.
QUESTION 12
How does your FortiWeb configuration differ if the FortiWeb is upstream of the SNAT device instead of downstream of the SNAT device?
A. You must enable the “Use” X-Forwarded-For: option.
B. FortiWeb must be set for Transparent Mode
C. No special configuration required
D. You must enable “Add” X-Forwarded-For: instead of the “Use” X-Forwarded-For: option.
QUESTION 13
What can an administrator do if a client has been incorrectly Period Blocked?
A. Disconnect the client from the network
B. Manually release the IP from the temporary Blacklist
C. Nothing, it is not possible to override a Period Block
D. Force a new IP address to the client.
Publish the answer:
Q1 | Q2 | Q3 | Q4 | Q5 | Q6 | Q7 | Q8 | Q9 | Q10 | Q11 | Q12 | Q13 |
C | A | A | AC | A | A | B | ABC | C | D | B | A | B |
Get more Fortinet NSE6_FWB-6.1 dumps: https://www.leads4pass.com/nse6_fwb-6-1.html
Download Fortinet NSE6_FWB-6.1 exam PDF for free
Google Drive: https://drive.google.com/file/d/1AzkxXcHwEKaN81L9vOhKAL2l-Gk9GmkW/view?usp=sharing
Fortinet NSE6_FWB-6.1 is a new exam item in 2021, and it is very popular. We update and share some of the exam questions for free to help you improve your exam skills. Get the complete Fortinet NSE6_FWB-6.1 Choose leads4pass for exam questions. The pass rate is over 99%. It is guaranteed to pass the first exam successfully!