This page was exported from Top Exam Collection [ http://blog.topexamcollection.com ] Export date:Fri Apr 11 7:45:19 2025 / +0000 GMT ___________________________________________________ Title: Download the Latest NSE6_FWB-6.1 Dumps - 2022 NSE6_FWB-6.1 Exam Questions [Q17-Q35] --------------------------------------------------- Download the Latest NSE6_FWB-6.1 Dumps - 2022 NSE6_FWB-6.1 Exam Questions Latest Fortinet NSE6_FWB-6.1 Certification Practice Test Questions NO.17 When viewing the attack logs on FortiWeb, which client IP address is shown when you are using XFF header rules?  FortiGate public IP  FortiWeb IP  FortiGate local IP  Client real IP When an XFF header reaches Alteon from a client, Alteon removes all the content from the header and injects the client IP address. Alteon then forwards the header to the server.NO.18 Which three statements about HTTPS on FortiWeb are true? (Choose three.)  In true transparent mode, the TLS session terminator is a protected web server.  After enabling HSTS, redirects to HTTPS are never needed.  For SNI, you select the certificate that FortiWeb presents in the server pool, not in the server policy.  Enabling RC4 protects against the BEAST attack, but is not recommended if you configure FortiWeb to offer only TLS 1.2.  In transparent inspection mode, you select the certificate that FortiWeb presents in the server pool, not in the server policy. NO.19 What can an administrator do if a client has been incorrectly period blocked?  Nothing, it is not possible to override a period block.  Manually release the ID address from the temporary blacklist.  Force a new IP address to the client.  Disconnect the client from the network. Block PeriodEnter the number of seconds that you want to block the requests. The valid range is 1-3,600 seconds. The default value is 60 seconds.This option only takes effect when you choose Period Block in Action.Note: That’s a temporary blacklist so you can manually release them from the blacklist.NO.20 What is one of the key benefits of the FortiGuard IP reputation feature?  It maintains a list of private IP addresses.  It provides a document of IP addresses that are suspect, so that administrators can manually update their blacklists.  It is updated once per year.  It maintains a list of public IPs with a bad reputation for participating in attacks. FortiGuard IP Reputation service assigns a poor reputation, including virus-infected clients and malicious spiders/crawlers.NO.21 Refer to the exhibit.There is only one administrator account configured on FortiWeb. What must an administrator do to restrict any brute force attacks that attempt to gain access to the FortiWeb management GUI?  Delete the built-in administrator user and create a new one.  Configure IPv4 Trusted Host # 3 with a specific IP address.  The configuration changes must be made on the upstream device.  Change the Access Profile to Read_Only. NO.22 What must you do with your FortiWeb logs to ensure PCI DSS compliance?  Store in an off-site location  Erase them every two weeks  Enable masking of sensitive data  Compress them into a .zip file format NO.23 Which two statements about the anti-defacement feature on FortiWeb are true? (Choose two.)  Anti-defacement can redirect users to a backup web server, if it detects a change.  Anti-defacement downloads a copy of your website to RAM, in order to restore a clean image, if it detects defacement.  FortiWeb will only check to see if there are changes on the web server; it will not download the whole file each time.  Anti-defacement does not make a backup copy of your databases. Anti-defacement backs up web pages only, not databases.If it detects any file changes, the FortiWeb appliance will download a new backup revision.NO.24 What key factor must be considered when setting brute force rate limiting and blocking?  A single client contacting multiple resources  Multiple clients sharing a single Internet connection  Multiple clients from geographically diverse locations  Multiple clients connecting to multiple resources NO.25 FortiWeb offers the same load balancing algorithms as FortiGate.Which two Layer 7 switch methods does FortiWeb also offer? (Choose two.)  Round robin  HTTP session-based round robin  HTTP user-based round robin  HTTP content routes Reference:http://fortinet.globalgate.com.ar/pdfs/FortiWeb/FortiWeb_DS.pdfNO.26 Which statement about local user accounts is true?  They are best suited for large environments with many users.  They cannot be used for site publishing.  They must be assigned, regardless of any other authentication.  They can be used for SSO. You can configure the Remedy Single Sign-On server to authenticate TrueSight Capacity Optimization users as local users.NO.27 Refer to the exhibit.Based on the configuration, what would happen if this FortiWeb were to lose power? (Choose two.)  Traffic that passes between port5 and port6 will be inspected.  Traffic will be interrupted between port3 and port4.  All traffic will be interrupted.  Traffic will pass between port5 and port6 uninspected. NO.28 What role does FortiWeb play in ensuring PCI DSS compliance?  It provides the ability to securely process cash transactions.  It provides the required SQL server protection.  It provides the WAF required by PCI.  It provides credit card processing capabilities. FortiWeb protects against attacks that lead to sensitive data exposure such as SQL Injection and other injection types. Additionally, FortiWeb inspects all web server outgoing traffic for sensitive data such as Social Security numbers, credit card numbers and other predefined or custom based sensitive data. Loading … Verified NSE6_FWB-6.1 Dumps Q&As - 1 Year Free & Quickly Updates: https://www.topexamcollection.com/NSE6_FWB-6.1-vce-collection.html --------------------------------------------------- Images: https://blog.topexamcollection.com/wp-content/plugins/watu/loading.gif https://blog.topexamcollection.com/wp-content/plugins/watu/loading.gif --------------------------------------------------- --------------------------------------------------- Post date: 2022-04-10 12:43:53 Post date GMT: 2022-04-10 12:43:53 Post modified date: 2022-04-10 12:43:53 Post modified date GMT: 2022-04-10 12:43:53