NSE6_FWB-6.4 Exam PDF [2023] Tests Free Updated Today with Correct 58 Questions
Fortinet NSE6_FWB-6.4 Exam Preparation Guide and PDF Download
NEW QUESTION 29
When integrating FortiWeb and FortiAnalyzer, why is the selection for FortiWeb Version critical? (Choose two)
- A. Defines Log file format
- B. Defines Database Schema
- C. Defines Log storage location
- D. Defines communication protocol
Answer: A,C
NEW QUESTION 30
You've configured an authentication rule with delegation enabled on FortiWeb.
What happens when a user tries to access the web application?
- A. FortiWeb redirects users to a FortiAuthenticator page, then if the user authenticates successfully, FortiGate signals to FortiWeb to allow access to the web app
- B. FortiWeb forwards the HTTP challenge from the server to the client, then monitors the reply, allowing access if the user authenticates successfully
- C. FortiWeb redirects the user to the web app's authentication page
- D. FortiWeb replies with an HTTP challenge on behalf of the server, then if the user authenticates successfully, FortiWeb allows the request and also includes credentials in the request that it forwards to the web app
Answer: A
NEW QUESTION 31
Refer to the exhibit.
There is only one administrator account configured on FortiWeb. What must an administrator do to restrict any brute force attacks that attempt to gain access to the FortiWeb management GUI?
- A. The configuration changes must be made on the upstream device.
- B. Delete the built-in administrator user and create a new one.
- C. Change the Access Profile to Read_Only.
- D. Configure IPv4 Trusted Host # 3 with a specific IP address.
Answer: D
NEW QUESTION 32
Under which circumstances does FortiWeb use its own certificates? (Choose Two)
- A. Secondary HTTPS connection to server where FortiWeb acts as a client
- B. HTTPS to FortiGate
- C. HTTPS access to GUI
- D. HTTPS to clients
Answer: A,C
NEW QUESTION 33
What key factor must be considered when setting brute force rate limiting and blocking?
- A. Multiple clients sharing a single Internet connection
- B. Multiple clients connecting to multiple resources
- C. A single client contacting multiple resources
- D. Multiple clients from geographically diverse locations
Answer: A
Explanation:
https://training.fortinet.com/course/view.php?id=3363
What is one key factor that you must consider when setting brute force rate limiting and blocking? Multiple clients sharing a single Internet connection.
NEW QUESTION 34
Refer to the exhibit.
Based on the configuration, what would happen if this FortiWeb were to lose power? (Choose two.)
- A. Traffic will pass between port5 and port6 uninspected.
- B. Traffic that passes between port5 and port6 will be inspected.
- C. Traffic will be interrupted between port3 and port4.
- D. All traffic will be interrupted.
Answer: A,C
NEW QUESTION 35
You are using HTTP content routing on FortiWeb. Requests for web app A should be forwarded to a cluster of web servers which all host the same web app. Requests for web app B should be forwarded to a different, single web server.
Which is true about the solution?
- A. Static or policy-based routes are not required.
- B. The server policy applies the same protection profile to all its protected web apps.
- C. To achieve HTTP content routing, you must chain policies: the first policy accepts all traffic, and forwards requests for web app A to the virtual server for policy A. It also forwards requests for web app B to the virtual server for policy B. Policy A and Policy B apply their app-specific protection profiles, and then distribute that app's traffic among all members of the server farm.
- D. You must put the single web server into a server pool in order to use it with HTTP content routing.
Answer: C
NEW QUESTION 36
How does an ADOM differ from a VDOM?
- A. ADOMs only affect specific functions, and do not provide full separation like VDOMs do.
- B. Allows you to have 1 administrator for multiple tenants
- C. ADOMs improve performance by offloading some functions.
- D. ADOMs do not have virtual networking
Answer: D
NEW QUESTION 37
Which three statements about HTTPS on FortiWeb are true? (Choose three.)
- A. In true transparent mode, the TLS session terminator is a protected web server.
- B. After enabling HSTS, redirects to HTTPS are no longer necessary.
- C. Enabling RC4 protects against the BEAST attack, but is not recommended if you configure FortiWeb to only offer TLS 1.2.
- D. In transparent inspection mode, you select the certificate that FortiWeb will present in the server pool, not in the server policy.
- E. For SNI, you select the certificate that FortiWeb will present in the server pool, not in the server policy.
Answer: A,C,D
NEW QUESTION 38
How does your FortiWeb configuration differ if the FortiWeb is upstream of the SNAT device instead of downstream of the SNAT device?
- A. No special configuration required
- B. You must enable the "Use" X-Forwarded-For: option.
- C. FortiWeb must be set for Transparent Mode
- D. You must enable "Add" X-Forwarded-For: instead of the "Use" X-Forwarded-For: option.
Answer: D
NEW QUESTION 39
Refer to the exhibit.
FortiADC is applying SNAT to all inbound traffic going to the servers. When an attack occurs, FortiWeb blocks traffic based on the 192.0.2.1 source IP address, which belongs to FortiADC. The setup is breaking all connectivity and genuine clients are not able to access the servers.
What must the administrator do to avoid this problem? (Choose two.)
- A. Enable the Add X-Forwarded-For setting on FortiWeb.
- B. No special configuration is required; connectivity will be re-established after the set timeout.
- C. Place FortiWeb in front of FortiADC.
- D. Enable the Use X-Forwarded-For setting on FortiWeb.
Answer: C,D
Explanation:
Configure your load balancer to insert or append to an X-Forwarded-For:, X-Real-IP:, or other HTTP X-header. Also configure FortiWeb to find the original attacker's or client's IP address in that HTTP header.
NEW QUESTION 40
True transparent proxy mode is best suited for use in which type of environment?
- A. Small office to home office environments
- B. New networks where infrastructure is not yet defined
- C. Environments where you cannot change the IP addressing scheme
- D. Flexible environments where you can easily change the IP addressing scheme
Answer: D
Explanation:
"Because blocking is not guaranteed to succeed in offline mode, this mode is best used during the evaluation and planning phase, early in implementation. Reverse proxy is the most popular operating mode. It can rewrite URLs, offload TLS, load balance, and apply NAT. For very large MSSP, true transparent mode has a significant advantage. You can drop it in without changing any schemes of limited IPv4 space: in transparent mode, you don't need to give IP addresses to the network interfaces on FortiWeb."
NEW QUESTION 41
Which of the following would be a reason for implementing rewrites?
- A. Page has been moved to a new IP address
- B. Send connection to secure channel
- C. Page has been moved to a new URL
- D. Replace vulnerable functions.
Answer: D
NEW QUESTION 42
A client is trying to start a session from a page that would normally be accessible only after the client has logged in.
When a start page rule detects the invalid session access, what can FortiWeb do? (Choose three.)
- A. Redirect the client to the login page
- B. Prompt the client to authenticate
- C. Reply with a 403 Forbidden HTTP error
- D. Display an access policy message, then allow the client to continue
- E. Allow the page access, but log the violation
Answer: A,C,E
NEW QUESTION 43
Refer to the exhibits.

FortiWeb is configured in reverse proxy mode and it is deployed downstream to FortiGate. Based on the configuration shown in the exhibits, which of the following statements is true?
- A. The configuration is incorrect. FortiWeb should always be located upstream to FortiGate.
- B. FortiGate should forward web traffic to the server pool IP addresses.
- C. You must disable the Preserve Client IP setting on FortiGate for this configuration to work.
- D. FortiGate should forward web traffic to virtual server IP address.
Answer: D
Verified & Correct NSE6_FWB-6.4 Practice Test Reliable Source Mar 02, 2023 Updated: https://prep4sure.real4dumps.com/NSE6_FWB-6.4-prep4sure-exam.html

