• Home
  • Articles
  • [Q16-Q34] VCEDumps NSE6_FWB-6.1 Real Exam Question Answers Updated [Jan 27, 2022]

[Q16-Q34] VCEDumps NSE6_FWB-6.1 Real Exam Question Answers Updated [Jan 27, 2022]

Share

VCEDumps NSE6_FWB-6.1 Real Exam Question Answers Updated [Jan 27, 2022]

Easily To Pass New Fortinet NSE6_FWB-6.1 Dumps with 30 Questions

NEW QUESTION 16
Which three statements about HTTPS on FortiWeb are true? (Choose three.)

  • A. For SNI, you select the certificate that FortiWeb presents in the server pool, not in the server policy.
  • B. Enabling RC4 protects against the BEAST attack, but is not recommended if you configure FortiWeb to offer only TLS 1.2.
  • C. In transparent inspection mode, you select the certificate that FortiWeb presents in the server pool, not in the server policy.
  • D. After enabling HSTS, redirects to HTTPS are never needed.
  • E. In true transparent mode, the TLS session terminator is a protected web server.

Answer: A,C,E

 

NEW QUESTION 17
Refer to the exhibit.

Based on the configuration, what would happen if this FortiWeb were to lose power? (Choose two.)

  • A. Traffic will be interrupted between port3 and port4.
  • B. Traffic will pass between port5 and port6 uninspected.
  • C. Traffic that passes between port5 and port6 will be inspected.
  • D. All traffic will be interrupted.

Answer: A,B

 

NEW QUESTION 18
When viewing the attack logs on FortiWeb, which client IP address is shown when you are using XFF header rules?

  • A. FortiGate public IP
  • B. Client real IP
  • C. FortiGate local IP
  • D. FortiWeb IP

Answer: B

Explanation:
When an XFF header reaches Alteon from a client, Alteon removes all the content from the header and injects the client IP address. Alteon then forwards the header to the server.

 

NEW QUESTION 19
What key factor must be considered when setting brute force rate limiting and blocking?

  • A. A single client contacting multiple resources
  • B. Multiple clients sharing a single Internet connection
  • C. Multiple clients from geographically diverse locations
  • D. Multiple clients connecting to multiple resources

Answer: D

 

NEW QUESTION 20
The FortiWeb machine learning (ML) feature is a two-phase analysis mechanism.
Which two functions does the first layer perform? (Choose two.)

  • A. Determines whether traffic is an anomaly, based on observed application traffic over time
  • B. Builds a threat model behind every parameter and HTTP method
  • C. Determines whether an anomaly is a real attack or just a benign anomaly that should be ignored
  • D. Determines if a detected threat is a false-positive or not

Answer: A,B

Explanation:
The first layer uses the Hidden Markov Model (HMM) and monitors access to the application and collects data to build a mathematical model behind every parameter and HTTP method.

 

NEW QUESTION 21
Which two statements about the anti-defacement feature on FortiWeb are true? (Choose two.)

  • A. FortiWeb will only check to see if there are changes on the web server; it will not download the whole file each time.
  • B. Anti-defacement can redirect users to a backup web server, if it detects a change.
  • C. Anti-defacement downloads a copy of your website to RAM, in order to restore a clean image, if it detects defacement.
  • D. Anti-defacement does not make a backup copy of your databases.

Answer: A,D

Explanation:
Anti-defacement backs up web pages only, not databases.
If it detects any file changes, the FortiWeb appliance will download a new backup revision.

 

NEW QUESTION 22
Refer to the exhibits.


FortiWeb is configured in reverse proxy mode and it is deployed downstream to FortiGate. Based on the configuration shown in the exhibits, which of the following statements is true?

  • A. The configuration is incorrect. FortiWeb should always be located upstream to FortiGate.
  • B. You must disable the Preserve Client IP setting on FotriGate for this configuration to work.
  • C. FortiGate should forward web traffic to virtual server IP address.
  • D. FortiGate should forward web traffic to the server pool IP addresses.

Answer: C

 

NEW QUESTION 23
Refer to the exhibit.

FortiWeb is configured to block traffic from Japan to your web application server. However, in the logs, the administrator is seeing traffic allowed from one particular IP address which is geo-located in Japan.
What can the administrator do to solve this problem? (Choose two.)

  • A. If the IP address is configured as an IP reputation exception, remove it.
  • B. Configure the IP address as a blacklisted IP address.
  • C. Manually update the geo-location IP addresses for Japan.
  • D. If the IP address is configured as a geo reputation exception, remove it.

Answer: B,C

Explanation:
IP reputation leverages many techniques for accurate, early, and frequently updated identification of compromised and malicious clients so you can block attackers before they target your servers.
IP blacklisting is a method used to filter out illegitimate or malicious IP addresses from accessing your networks. Blacklists are lists containing ranges of or individual IP addresses that you want to block.
Reference:
https://www.imperva.com/learn/application-security/ip-blacklist/

 

NEW QUESTION 24
In which scenario might you want to use the compression feature on FortiWeb?

  • A. Never, since most traffic today is already highly compressed
  • B. When you are serving many corporate road warriors using 4G tablets and phones
  • C. When you want to reduce buffering of video streams
  • D. When you are offering a music streaming service

Answer: A

Explanation:
FortiWeb might expend resources compressing responses that have already been compressed by the server.

 

NEW QUESTION 25
When is it possible to use a self-signed certificate, rather than one purchased from a commercial certificate authority?

  • A. If you are an enterprise whose computers all trust your active directory or other CA server
  • B. If you are a small business or home office
  • C. If you are an enterprise whose resources do not need security
  • D. If you are an enterprise whose employees use only mobile devices

Answer: C

Explanation:
This can include SSL/TLS certificates, code signing certificates, and S/MIME certificates. The reason why they're considered different from traditional certificate-authority signed certificates is that they're created, issued, and signed by the company or developer who is responsible for the website or software being signed. This is why self-signed certificates are considered unsafe for public-facing websites and applications.

 

NEW QUESTION 26
Refer to the exhibit.

FortiADC is applying SNAT to all inbound traffic going to the servers. When an attack occurs, FortiWeb blocks traffic based on the 192.0.2.1 source IP address, which belongs to FortiADC. The setup is breaking all connectivity and genuine clients are not able to access the servers.
What must the administrator do to avoid this problem? (Choose two.)

  • A. Place FortiWeb in front of FortiADC.
  • B. Enable the Use X-Forwarded-For setting on FortiWeb.
  • C. Enable the Add X-Forwarded-For setting on FortiWeb.
  • D. No Special configuration is required; connectivity will be re-established after the set timeout.

Answer: B,C

Explanation:
Configure your load balancer to insert or append to an X-Forwarded-For:, X-Real-IP:, or other HTTP X-header. Also configure FortiWeb to find the original attacker's or client's IP address in that HTTP header

 

NEW QUESTION 27
Which regex expression is the correct format for redirecting the URL http://www.example.com?

  • A. www\.example\.com
  • B. www.example.com
  • C. www/.example/.com
  • D. www\example\com

Answer: B

Explanation:
\1://www.company.com/\2/\3

 

NEW QUESTION 28
......

Latest NSE6_FWB-6.1 Study Guides 2022 - With Test Engine PDF: https://testinsides.vcedumps.com/NSE6_FWB-6.1-examcollection.html

Related Articles

more
Fortinet NSE6_FWB-6.1 Certification Practice Exam

VCEDumps is a joint venture for provding vce files free and valid dumps pdf. We guarantee VCEDumps dumps pdf help you pass exam 100% for sure. Not Valid, Full Refund!

Latest VCE Dumps

Useful Links

Contact Us

Our Working Time: ( GMT 0:00-15:00 )
From Monday to Saturday

Support: Contact now 

If you have any question please leave me your email address, we will reply and send email to you in 12 hours.

Copyright © 2026 VCEDumps NETWORK CO.,LIMITED. All Rights Reserved. All trademarks used are properties of their respective owners. Privacy Policy