NSE6_FWB-6.4無料問題集「Fortinet NSE 6

質問 1

Refer to the exhibits.

FortiWeb is configured in reverse proxy mode and it is deployed downstream to FortiGate. Based on the configuration shown in the exhibits, which of the following statements is true?

（A）The configuration is incorrect. FortiWeb should always be located upstream to FortiGate.

（B）FortiGate should forward web traffic to the server pool IP addresses.

（C）FortiGate should forward web traffic to virtual server IP address.

（D）You must disable the Preserve Client IP setting on FotriGate for this configuration to work.

正解：C 解答を投票する

質問 2

Review the following configuration:

What is the expected result of this configuration setting?

（A）When machine learning (ML) is in its collecting phase, FortiWeb will not accept any samples from any source IP addresses.

（B）When machine learning (ML) is in its collecting phase, FortiWeb will accept an unlimited number of samples from the same source IP address.

（C）When machine learning (ML) is in its running phase, FortiWeb will accept a set number of samples from the same source IP address.

（D）When machine learning (ML) is in its running phase, FortiWeb will accept an unlimited number of samples from the same source IP address.

正解：B 解答を投票する

質問 3

You are using HTTP content routing on FortiWeb. You want requests for web application A to be forwarded to a cluster of web servers, which all host the same web application. You want requests for web application B to be forwarded to a different, single web server.
Which statement about this solution is true?

（A）The server policy applies the same protection profile to all of its protected web applications.

（B）Static or policy-based routes are not required.

（C）You must put the single web server in to a server pool, in order to use it with HTTP content routing.

（D）You must chain policies so that requests for web application A go to the virtual server for policy A, and requests for web application B go to the virtual server for policy B.

正解：B 解答を投票する

質問 4

Refer to the exhibit.

FortiADC is applying SNAT to all inbound traffic going to the servers. When an attack occurs, FortiWeb blocks traffic based on the 192.0.2.1 source IP address, which belongs to FortiADC. The setup is breaking all connectivity and genuine clients are not able to access the servers.
What must the administrator do to avoid this problem? (Choose two.)

（A）Enable the Add X-Forwarded-For setting on FortiWeb.

（B）No Special configuration is required; connectivity will be re-established after the set timeout.

（C）Place FortiWeb in front of FortiADC.

（D）Enable the Use X-Forwarded-For setting on FortiWeb.

正解：C、D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 5

In which two operating modes can FortiWeb modify HTTP packets? (Choose two.)

（A）Transparent inspection

（B）Reverse proxy

（C）True transparent proxy

（D）Offline protection

正解：B、C 解答を投票する

質問 6

You are using HTTP content routing on FortiWeb. Requests for web app A should be forwarded to a cluster of web servers which all host the same web app. Requests for web app B should be forwarded to a different, single web server.
Which is true about the solution?

（A）You must put the single web server into a server pool in order to use it with HTTP content routing.

（B）Static or policy-based routes are not required.

（C）The server policy applies the same protection profile to all its protected web apps.

（D）To achieve HTTP content routing, you must chain policies: the first policy accepts all traffic, and forwards requests for web app A to the virtual server for policy A. It also forwards requests for web app B to the virtual server for policy B. Policy A and Policy B apply their app-specific protection profiles, and then distribute that app's traffic among all members of the server farm.

正解：D 解答を投票する

NSE6_FWB-6.4 無料問題集「Fortinet NSE 6 - FortiWeb 6.4」

弊社を連絡する

関連リンク

トップ試験