[2023年11月] 最新のFortinet NSE6_FWB-6.4テスト問題集とオンライン試験エンジン [Q17-Q39]

Share

[2023年11月] 最新のFortinet NSE6_FWB-6.4テスト問題集とオンライン試験エンジン

Fortinet NSE6_FWB-6.4問題を提供していますNSE 6 Network Security Specialist問題集と完璧な解答付き


Fortinet NSE6_FWB-6.4試験は、基本的なネットワークコンセプトに精通し、FortiGateファイアウォールの展開と管理の経験があるネットワークセキュリティ専門家を対象としています。この認定は、セキュリティ管理者、ネットワークエンジニア、その他のIT専門家が、FortiWebの展開と管理における専門知識を証明することを望む場合に最適です。Fortinet NSE6_FWB-6.4認定を取得することで、専門家はキャリアの展望を向上させ、最新のWebアプリケーションセキュリティトレンドに追いつくことに対するコミットメントを証明することができます。


Fortinet NSE6_FWB-6.4(Fortinet NSE 6-FortiWeb 6.4)認定試験は、FortiWebソリューションの展開、構成、管理のIT専門家のスキルと知識を検証する専門家レベルの認定です。 Webアプリケーションのセキュリティ、FortiWebの展開、構成など、さまざまなトピックをカバーしています。認定は世界的に認識されており、雇用主によって高く評価されています。候補者は、Fortinetの公式トレーニングコースを受講したり、試験の目的と推奨リソースを研究したりすることで、試験の準備をすることができます。

 

質問 # 17
You've configured an authentication rule with delegation enabled on FortiWeb.
What happens when a user tries to access the web application?

  • A. ForitWeb redirects the user to the web app's authentication page
  • B. FrotiWeb redirects users to a FortiAuthenticator page, then if the user authenticates successfully, FortiGate signals to FortiWeb to allow access to the web app
  • C. FortiWeb replies with a HTTP challenge of behalf of the server, the if the user authenticates successfully, FortiWeb allows the request and also includes credentials in the request that it forwards to the web app
  • D. FortiWeb forwards the HTTP challenge from the server to the client, then monitors the reply, allowing access if the user authenticates successfully

正解:B


質問 # 18
Which two statements about the anti-defacement feature on FortiWeb are true? (Choose two.)

  • A. FortiWeb will only check to see if there are changes on the web server; it will not download the whole file each time.
  • B. Anti-defacement can redirect users to a backup web server, if it detects a change.
  • C. Anti-defacement downloads a copy of your website to RAM, in order to restore a clean image, if it detects defacement.
  • D. Anti-defacement does not make a backup copy of your databases.

正解:A、D

解説:
Explanation
Anti-defacement backs up web pages only, not databases.
If it detects any file changes, the FortiWeb appliance will download a new backup revision.


質問 # 19
What benefit does Auto Learning provide?

  • A. Automatically blocks all detected threats
  • B. Automatically builds rules sets
  • C. FortiWeb scans all traffic without taking action and makes recommendations on rules
  • D. Automatically identifies and blocks suspicious IPs

正解:B


質問 # 20
Which operation mode does not require additional configuration in order to allow FTP traffic to your web server?

  • A. Offline Protection
  • B. True Transparent Proxy
  • C. Transparent Inspection
  • D. Reverse-Proxy

正解:C


質問 # 21
Which implementation is best suited for a deployment that must meet compliance criteria?

  • A. SSL Offloading with FortiWeb in Transparency Mode
  • B. SSL Offloading with FortiWeb in reverse proxy mode
  • C. SSL Inspection with FortiWeb in Transparency mode
  • D. SSL Inspection with FrotiWeb in Reverse Proxy mode

正解:D


質問 # 22
Which two statements about running a vulnerability scan are true? (Choose two.)

  • A. You should run the vulnerability scan on a live website to get accurate results.
  • B. Vulnerability scanning increases the load on FortiWeb, so it should be avoided.
  • C. You should run the vulnerability scan during a maintenance window.
  • D. You should run the vulnerability scan in a test environment.

正解:C、D

解説:
Explanation
Should the Vulnerability Scanner allow it, SVMS will set the scan schedule (or schedules) to run in a maintenance window. SVMS will advise Client of the scanner's ability to complete the scan(s) within the maintenance window.
Vulnerabilities on live web sites. Instead, duplicate the web site and its database in a test environment.


質問 # 23
You are configuring FortiAnalyzer to store logs from FortiWeb.
Which is true?

  • A. FortiAnalyzer will store antivirus and DLP archives from FortiWeb.
  • B. To store logs from FortiWeb 6.4, on FortiAnalyzer, you must select "FrotiWeb 6.1".
  • C. FortiWeb will query FortiAnalyzer for reports, instead of generating them locally.
  • D. You must enable ADOMs on FortiAnalyzer.

正解:D


質問 # 24
What can an administrator do if a client has been incorrectly period blocked?

  • A. Disconnect the client from the network.
  • B. Manually release the ID address from the temporary blacklist.
  • C. Force a new IP address to the client.
  • D. Nothing, it is not possible to override a period block.

正解:B

解説:
Explanation
Block Period
Enter the number of seconds that you want to block the requests. The valid range is 1-3,600 seconds. The default value is 60 seconds.
This option only takes effect when you choose Period Block in Action.
Note: That's a temporary blacklist so you can manually release them from the blacklist.


質問 # 25
Refer to the exhibits.


FortiWeb is configured in reverse proxy mode and it is deployed downstream to FortiGate. Based on the configuration shown in the exhibits, which of the following statements is true?

  • A. You must disable the Preserve Client IP setting on FotriGate for this configuration to work.
  • B. FortiGate should forward web traffic to the server pool IP addresses.
  • C. FortiGate should forward web traffic to virtual server IP address.
  • D. The configuration is incorrect. FortiWeb should always be located upstream to FortiGate.

正解:C


質問 # 26
A client is trying to start a session from a page that would normally be accessible only after the client has logged in.
When a start page rule detects the invalid session access, what can FortiWeb do? (Choose three.)

  • A. Allow the page access, but log the violation
  • B. Prompt the client to authenticate
  • C. Display an access policy message, then allow the client to continue
  • D. Reply with a 403 Forbidden HTTP error
  • E. Redirect the client to the login page

正解:A、D、E


質問 # 27
True transparent proxy mode is best suited for use in which type of environment?

  • A. New networks where infrastructure is not yet defined
  • B. Environments where you cannot change the IP addressing scheme
  • C. Flexible environments where you can easily change the IP addressing scheme
  • D. Small office to home office environments

正解:C

解説:
Explanation
"Because blocking is not guaranteed to succeed in offline mode, this mode is best used during the evaluation and planning phase, early in implementation. Reverse proxy is the most popular operating mode. It can rewrite URLs, offload TLS, load balance, and apply NAT. For very large MSSP, true transparent mode has a significant advantage. You can drop it in without changing any schemes of limited IPv4 space-in transparent mode, you don't need to give IP addresses to the network interfaces on FortiWeb."


質問 # 28
What key factor must be considered when setting brute force rate limiting and blocking?

  • A. Multiple clients from geographically diverse locations
  • B. Multiple clients sharing a single Internet connection
  • C. Multiple clients connecting to multiple resources
  • D. A single client contacting multiple resources

正解:B

解説:
Explanation
https://training.fortinet.com/course/view.php?id=3363 What is one key factor that you must consider when setting brute force rate limiting and blocking? Multiple clients sharing a single Internet connection


質問 # 29
In which operation mode(s) can FortiWeb modify HTTP packets? (Choose two.)

  • A. Reverse proxy
  • B. Transparent Inspection
  • C. Offline protection
  • D. True transparent proxy

正解:A、D


質問 # 30
When is it possible to use a self-signed certificate, rather than one purchased from a commercial certificate authority?

  • A. If you are a small business or home office
  • B. If you are an enterprise whose resources do not need security
  • C. If you are an enterprise whose computers all trust your active directory or other CA server
  • D. If you are an enterprise whose employees use only mobile devices

正解:C


質問 # 31
A client is trying to start a session from a page that should normally be accessible only after they have logged in.
When a start page rule detects the invalid session access, what can FortiWeb do? (Choose three.)

  • A. Reply with a "403 Forbidden" HTTP error
  • B. Display an access policy message, then allow the client to continue, redirecting them to their requested page
  • C. Allow the page access, but log the violation
  • D. Automatically redirect the client to the login page
  • E. Prompt the client to authenticate

正解:A、C、D


質問 # 32
In Reverse proxy mode, how does FortiWeb handle traffic that does not match any defined policies?

  • A. Non-matching traffic is Denied
  • B. Non-matching traffic is allowed
  • C. non-Matching traffic is held in buffer
  • D. Non-matching traffic is rerouted to FortiGate

正解:A


質問 # 33
What role does FortiWeb play in ensuring PCI DSS compliance?

  • A. It provides the ability to securely process cash transactions.
  • B. It provides credit card processing capabilities.
  • C. It provides the WAF required by PCI.
  • D. It provides the required SQL server protection.

正解:C


質問 # 34
Which would be a reason to implement HTTP rewriting?

  • A. The original page has moved to a new IP address
  • B. To send the request to secure channel
  • C. The original page has moved to a new URL
  • D. To replace a vulnerable function in the requested URL

正解:D

解説:
Explanation
Create a new URL rewriting rule.


質問 # 35
Which of the following is true about Local User Accounts?

  • A. Can be used for Single Sign On
  • B. Can be used for site publishing
  • C. Best suited for large environments with many users
  • D. Must be assigned regardless of any other authentication

正解:B


質問 # 36
When FortiWeb triggers a redirect action, which two HTTP codes does it send to the client to inform the browser of the new URL? (Choose two.)

  • A. 0
  • B. 1
  • C. 2
  • D. 3

正解:B、C


質問 # 37
In which scenario might you want to use the compression feature on FortiWeb?

  • A. When you are offering a music streaming service
  • B. Never, since most traffic today is already highly compressed
  • C. When you want to reduce buffering of video streams
  • D. When you are serving many corporate road warriors using 4G tablets and phones

正解:D

解説:
Explanation
https://training.fortinet.com/course/view.php?id=3363
When might you want to use the compression feature on FortiWeb? When you are serving many road warriors who are using 4G tablets and phones


質問 # 38
How does your FortiWeb configuration differ if the FortiWeb is upstream of the SNAT device instead of downstream of the SNAT device?

  • A. You must enable the "Use" X-Forwarded-For: option.
  • B. No special configuration required
  • C. FortiWeb must be set for Transparent Mode
  • D. You must enable "Add" X-Forwarded-For: instead of the "Use" X-Forwarded-For: option.

正解:D


質問 # 39
......

2023年最新のNSE6_FWB-6.4テスト解説(更新されたのは58問があります):https://jp.fast2test.com/NSE6_FWB-6.4-premium-file.html

信頼され続けるNSE6_FWB-6.4試験のコツがあるPDF試験材料:https://drive.google.com/open?id=1PWFDmg5oVe_kjuUfvsYJUApTxg3M9GCt


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어