2024年01月09日に更新された最新のリアルNSE6_FWB-6.4問題集でNSE6_FWB-6.4試験問題 [Q29-Q54]

Share

2024年01月09日に更新された最新のFast2test NSE6_FWB-6.4試験問題リアルNSE6_FWB-6.4問題集で

NSE6_FWB-6.4別格な問題集で最上級の成績にさせるNSE6_FWB-6.4問題

質問 # 29
You are using HTTP content routing on FortiWeb. You want requests for web application A to be forwarded to a cluster of web servers, which all host the same web application. You want requests for web application B to be forwarded to a different, single web server.
Which statement about this solution is true?

  • A. You must chain policies so that requests for web application A go to the virtual server for policy A, and requests for web application B go to the virtual server for policy B.
  • B. The server policy applies the same protection profile to all of its protected web applications.
  • C. Static or policy-based routes are not required.
  • D. You must put the single web server in to a server pool, in order to use it with HTTP content routing.

正解:C


質問 # 30
When is it possible to use a self-signed certificate, rather than one purchased from a commercial certificate authority?

  • A. If you are an enterprise whose employees use only mobile devices
  • B. If you are an enterprise whose computers all trust your active directory or other CA server
  • C. If you are an enterprise whose resources do not need security
  • D. If you are a small business or home office

正解:B


質問 # 31
What capability can FortiWeb add to your Web App that your Web App may or may not already have?

  • A. HTTP/HTML Form Authentication
  • B. SSL Inspection
  • C. High Availability
  • D. Automatic backup and recovery

正解:A


質問 # 32
Review the following configuration:

What is the expected result of this configuration setting?

  • A. When machine learning (ML) is in its collecting phase, FortiWeb will accept an unlimited number of samples from the same source IP address.
  • B. When machine learning (ML) is in its running phase, FortiWeb will accept a set number of samples from the same source IP address.
  • C. When machine learning (ML) is in its running phase, FortiWeb will accept an unlimited number of samples from the same source IP address.
  • D. When machine learning (ML) is in its collecting phase, FortiWeb will not accept any samples from any source IP addresses.

正解:A


質問 # 33
In Reverse proxy mode, how does FortiWeb handle traffic that does not match any defined policies?

  • A. Non-matching traffic is rerouted to FortiGate
  • B. Non-matching traffic is Denied
  • C. non-Matching traffic is held in buffer
  • D. Non-matching traffic is allowed

正解:B


質問 # 34
What key factor must be considered when setting brute force rate limiting and blocking?

  • A. Multiple clients from geographically diverse locations
  • B. A single client contacting multiple resources
  • C. Multiple clients connecting to multiple resources
  • D. Multiple clients sharing a single Internet connection

正解:D

解説:
Explanation
https://training.fortinet.com/course/view.php?id=3363 What is one key factor that you must consider when setting brute force rate limiting and blocking? Multiple clients sharing a single Internet connection


質問 # 35
Which is true about HTTPS on FortiWeb? (Choose three.)

  • A. For SNI, you select the certificate that FortiWeb will present in the server pool, not in the server policy.
  • B. After enabling HSTS, redirects to HTTPS are no longer necessary.
  • C. In transparent inspection mode, you select which certificate that FortiWeb will present in the server pool, not in the server policy.
  • D. Enabling RC4 protects against the BEAST attack, but is not recommended if you configure FortiWeb to only offer TLS 1.2.
  • E. In true transparent mode, the TLS session terminator is a protected web server.

正解:A、C、E


質問 # 36
You are configuring FortiAnalyzer to store logs from FortiWeb.
Which is true?

  • A. FortiAnalyzer will store antivirus and DLP archives from FortiWeb.
  • B. To store logs from FortiWeb 6.4, on FortiAnalyzer, you must select "FrotiWeb 6.1".
  • C. FortiWeb will query FortiAnalyzer for reports, instead of generating them locally.
  • D. You must enable ADOMs on FortiAnalyzer.

正解:D


質問 # 37
When generating a protection configuration from an auto learning report what critical step must you do before generating the final protection configuration?

  • A. Restart the FortiWeb to clear the caches
  • B. Activate the report to create t profile
  • C. Drill down in the report to correct any false positives.
  • D. Take the FortiWeb offline to apply the profile

正解:C


質問 # 38
When FortiWeb triggers a redirect action, which two HTTP codes does it send to the client to inform the browser of the new URL? (Choose two.)

  • A. 0
  • B. 1
  • C. 2
  • D. 3

正解:C、D


質問 # 39
You are using HTTP content routing on FortiWeb. Requests for web app A should be forwarded to a cluster of web servers which all host the same web app. Requests for web app B should be forwarded to a different, single web server.
Which is true about the solution?

  • A. You must put the single web server into a server pool in order to use it with HTTP content routing.
  • B. Static or policy-based routes are not required.
  • C. To achieve HTTP content routing, you must chain policies: the first policy accepts all traffic, and forwards requests for web app A to the virtual server for policy A. It also forwards requests for web app B to the virtual server for policy B. Policy A and Policy B apply their app-specific protection profiles, and then distribute that app's traffic among all members of the server farm.
  • D. The server policy applies the same protection profile to all its protected web apps.

正解:C


質問 # 40
Which of the following would be a reason for implementing rewrites?

  • A. Page has been moved to a new IP address
  • B. Page has been moved to a new URL
  • C. Send connection to secure channel
  • D. Replace vulnerable functions.

正解:D


質問 # 41
True transparent proxy mode is best suited for use in which type of environment?

  • A. New networks where infrastructure is not yet defined
  • B. Environments where you cannot change the IP addressing scheme
  • C. Small office to home office environments
  • D. Flexible environments where you can easily change the IP addressing scheme

正解:D

解説:
Explanation
"Because blocking is not guaranteed to succeed in offline mode, this mode is best used during the evaluation and planning phase, early in implementation. Reverse proxy is the most popular operating mode. It can rewrite URLs, offload TLS, load balance, and apply NAT. For very large MSSP, true transparent mode has a significant advantage. You can drop it in without changing any schemes of limited IPv4 space-in transparent mode, you don't need to give IP addresses to the network interfaces on FortiWeb."


質問 # 42
Which of the following FortiWeb features is part of the mitigation tools against OWASP A4 threats?

  • A. Brute Force blocking
  • B. Session Management
  • C. Poison Cookie detection
  • D. Sensitive info masking

正解:B


質問 # 43
How does offloading compression to FortiWeb benefit your network?

  • A. free up resources on the FortiGate
  • B. Free up resources on the web server
  • C. free up resources on the database server
  • D. reduces file size on the client's storage

正解:B


質問 # 44
In which operation mode(s) can FortiWeb modify HTTP packets? (Choose two.)

  • A. Transparent Inspection
  • B. Offline protection
  • C. Reverse proxy
  • D. True transparent proxy

正解:C、D


質問 # 45
Which implementation is best suited for a deployment that must meet compliance criteria?

  • A. SSL Inspection with FortiWeb in Transparency mode
  • B. SSL Offloading with FortiWeb in Transparency Mode
  • C. SSL Offloading with FortiWeb in reverse proxy mode
  • D. SSL Inspection with FrotiWeb in Reverse Proxy mode

正解:D


質問 # 46
A client is trying to start a session from a page that would normally be accessible only after the client has logged in.
When a start page rule detects the invalid session access, what can FortiWeb do? (Choose three.)

  • A. Allow the page access, but log the violation
  • B. Redirect the client to the login page
  • C. Prompt the client to authenticate
  • D. Display an access policy message, then allow the client to continue
  • E. Reply with a 403 Forbidden HTTP error

正解:A、B、E


質問 # 47
In which scenario might you want to use the compression feature on FortiWeb?

  • A. When you are serving many corporate road warriors using 4G tablets and phones
  • B. When you want to reduce buffering of video streams
  • C. When you are offering a music streaming service
  • D. Never, since most traffic today is already highly compressed

正解:A

解説:
Explanation
https://training.fortinet.com/course/view.php?id=3363
When might you want to use the compression feature on FortiWeb? When you are serving many road warriors who are using 4G tablets and phones


質問 # 48
Which would be a reason to implement HTTP rewriting?

  • A. To send the request to secure channel
  • B. The original page has moved to a new URL
  • C. To replace a vulnerable function in the requested URL
  • D. The original page has moved to a new IP address

正解:C

解説:
Explanation
Create a new URL rewriting rule.


質問 # 49
You are deploying FortiWeb 6.4 in an Amazon Web Services cloud. Which 2 lines of this initial setup via CLI are incorrect? (Choose two.)

  • A. 0
  • B. 1
  • C. 2
  • D. 3

正解:B、D


質問 # 50
What must you do with your FortiWeb logs to ensure PCI DSS compliance?

  • A. Store in an off-site location
  • B. Enable masking of sensitive data
  • C. Erase them every two weeks
  • D. Compress them into a .zip file format

正解:B


質問 # 51
......

NSE6_FWB-6.4試験問題集でベストNSE6_FWB-6.4試験問題を試そう:https://jp.fast2test.com/NSE6_FWB-6.4-premium-file.html

手に入れよう!最新NSE6_FWB-6.4認定有効な試験問題集解答:https://drive.google.com/open?id=1PWFDmg5oVe_kjuUfvsYJUApTxg3M9GCt


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어