[Oct-2021] NSE6_FWB-6.0 Dumps Full Questions - Fortinet Certification Exam Study Guide
Exam Questions and Answers for NSE6_FWB-6.0 Study Guide
NEW QUESTION 12
Which of the following FortiWeb features is part of the mitigation tools against OWASP A4 threats?
- A. Session Management
- B. Sensitive info masking
- C. Poison Cookie detection
- D. Brute Force blocking
Answer: A
NEW QUESTION 13
- A. You must put the single web server into a server pool in order to use it with HTTP content routing.
- B. To achieve HTTP content routing, you must chain policies: the first policy accepts all traffic, and forwards requests for web app A to the virtual server for policy
- C. The server policy applies the same protection profile to all its protected web apps.
- D. Static or policy-based routes are not required.
- E. Policy A and Policy B apply their app-specific protection profiles, and then distribute that app's traffic among all members of the server farm.
- F. It also forwards requests for web app B to the virtual server for policy
Answer: B,E
NEW QUESTION 14
How does an ADOM differ from a VDOM?
- A. Allows you to have 1 administrator for multiple tenants
- B. ADOMs do not have virtual networking
- C. ADOMs only affect specific functions, and do not provide full separation like VDOMs do.
- D. ADOMs improve performance by offloading some functions.
Answer: A
NEW QUESTION 15
Which implementation is best suited for a deployment that must meet compliance criteria?
- A. SSL Inspection with FortiWeb in Transparency mode
- B. SSL Offloading with FortiWeb in Transparency Mode
- C. SSL Inspection with FortiWeb in Reverse Proxy mode
- D. SSL Offloading with FortiWeb in reverse proxy mode
Answer: C
NEW QUESTION 16
Which is true about HTTPS on FortiWeb? (Choose three.)
- A. In true transparent mode, the TLS session terminator is a protected web server.
- B. In transparent inspection mode, you select which certificate that FortiWeb will present in the server pool, not in the server policy.
- C. Enabling RC4 protects against the BEAST attack, but is not recommended if you configure FortiWeb to only offer TLS 1.2.
- D. After enabling HSTS, redirects to HTTPS are no longer necessary.
- E. For SNI, you select the certificate that FortiWeb will present in the server pool, not in the server policy.
Answer: A,B,E
NEW QUESTION 17
What can an administrator do if a client has been incorrectly Period Blocked?
- A. Nothing, it is not possible to override a Period Block
- B. Manually release the IP from the temporary Blacklist
- C. Force a new IP address to the client.
- D. Disconnect the client from the network
Answer: B
NEW QUESTION 18
In Reverse proxy mode, how does FortiWeb handle traffic that does not match any defined policies?
- A. Non-matching traffic is Denied
- B. Non-matching traffic is rerouted to FortiGate
- C. Non-matching traffic is allowed
- D. Non-matching traffic is held in buffer
Answer: A
NEW QUESTION 19
You are deploying FortiWeb 6.0 in an Amazon Web Services cloud. Which 2 lines of this initial setup via CLI are incorrect? (Choose two.)
- A. 0
- B. 1
- C. 2
- D. 3
Answer: B,C
NEW QUESTION 20
What is one of the key benefits of the FortiGuard IP Reputation feature?
- A. Provides a document of IP addresses that are suspect, so that administrators can manually update their blacklists
- B. FortiGuard maintains a list of public IPs with a bad reputation for participating in attacks.
- C. It maintains a list of private IP addresses
- D. It is updated once per year
Answer: B
NEW QUESTION 21
How does your FortiWeb configuration differ if the FortiWeb is upstream of the SNAT device instead of downstream of the SNAT device?
- A. You must enable "Add" X-Forwarded-For: instead of the "Use" X-Forwarded-For: option.
- B. No special configuration required
- C. FortiWeb must be set for Transparent Mode
- D. You must enable the "Use" X-Forwarded-For: option.
Answer: D
NEW QUESTION 22
A client is trying to start a session from a page that should normally be accessible only after they have logged in.
When a start page rule detects the invalid session access, what can FortiWeb do? (Choose three.)
- A. Allow the page access, but log the violation
- B. Automatically redirect the client to the login page
- C. Prompt the client to authenticate
- D. Display an access policy message, then allow the client to continue, redirecting them to their requested page
- E. Reply with a "403 Forbidden" HTTP error
Answer: A,B,E
NEW QUESTION 23
Reverse-proxy mode is best suited for use in which type of environment?
- A. Flexible environments where you can easily change the IP addressing scheme
- B. Small Office/Home Office environments
- C. New networks where infrastructure is not yet defined
- D. Environments where you cannot change your IP addressing scheme
Answer: D
NEW QUESTION 24
......