FCP_FWB_AD-7.4 Exam Questions

Refer to the exhibit. A FortiWeb device is deployed upstream of a device performing source network address translation (SNAT) or load balancing. What configuration must you perform...

Refer to the exhibit. Attack ID 20000010 is brute force logins. Which statement is accurate about the potential attack?

Which three stages are part of creating a machine learning (ML) bot detection algorithm? (Choose three.)

Under which two circumstances does FortiWeb use its own certificates? (Choose two.)

You are using HTTP content routing on FortiWeb. You want requests for web application A to be forwarded to a cluster of web servers, which all host the same web application. You wa...

What can a FortiWeb administrator do if a client has been incorrectly period blocked?

Which two functions does the first layer of the FortiWeb anomaly machine learning (ML) analysis mechanism perform? (Choose two.)

Which Layer 7 routing method does FortiWeb support?

Which command will enable debugging for the FortiWeb user tracking feature?

Refer to the exhibit. What is true about this FortiWeb device? (Choose two.)

Which high availability (HA) mode uses gratuitous Address Resolution Protocol (ARP) to advertise a failover event to neighboring network devices?

In SAML deployments, which server contains user authentication credentials (username/password)?

What are two possible impacts of a DoS attack on your web server? (Choose two.)

Which two items can be defined in a FortiWeb XML Protection Rule? (Choose two.)

Which two statements about running a vulnerability scan are true? (Choose two.)

An administrator notices multiple IP addresses attempting to log in to an application frequently, within a short time period. They suspect attackers are attempting to guess user pa...

Review the following configuration: Which result would you expect from this configuration setting?

Refer to the exhibit. What can you conclude from this support vector machine (SVM) plot of a potential bot connection?

What are two results of enabling monitor mode on FortiWeb? (Choose two.)

Which two objects are required to configure a server policy in reverse proxy mode without content routing? (Choose two.)

When is it possible to use a self-signed certificate, rather than one purchased from a commercial certificate authority?

Refer to the exhibit. Which statement is true?

How are bot machine learning (ML) models different from API or anomaly detection models?

In which two operating modes can FortiWeb modify HTTP packets? (Choose two.)

Which three security features must you configure on FortiWeb to protect API connections? (Choose three.)

Refer to the exhibit. FortiADC is applying SNAT to all inbound traffic going to the servers. When an attack occurs, FortiWeb blocks traffic based on the 192.0.2.1 source IP address...

When is it possible to use a self-signed certificate, rather than one purchased from a commercial certificate authority?

In which scenario might you want to use the compression feature on FortiWeb?

The FortiWeb machine learning (ML) feature is a two-phase analysis mechanism. Which two functions does the first layer perform? (Choose two.)

In which two operating modes can FortiWeb modify HTTP packets? (Choose two.)

When viewing the attack logs on FortiWeb, which client IP address is shown when you are using XFF header rules?

Which three statements about HTTPS on FortiWeb are true? (Choose three.)

When user tracking is configured, how does FortiWeb identify which users to track?

Which algorithm is used to build mathematical models for bot detection?

A client is trying to start a session from a page that would normally be accessible only after the client has logged in. When a start page rule detects the invalid session access,...

What must you do with your FortiWeb logs to ensure PCI DSS compliance?

What role does FortiWeb play in ensuring PCI DSS compliance?

In which operation mode does FortiWeb offer both the ability to offload SSL as well as re-encrypt SSL?

What are two advantages of using the URL rewriting and redirecting feature on FortiWeb? (Choose two.)

Which two statements about the anti-defacement feature on FortiWeb are true? (Choose two.)

Which implementation is most suited for a deployment that must meet PCI DSS compliance criteria?

Review the following configuration: What are two routing behaviors that you can expect on FortiWeb after this configuration change? (Choose two.)

An attacker attempts to send an SQL injection attack containing the known attack string 'root'; -- through an API call. Which FortiWeb inspection feature will be able to detect thi...

Refer to the exhibit. What are two additional configuration elements that you must be configure for this API gateway? (Choose two.)

Which would be a reason to implement HTTP rewriting?

What is the difference between an API gateway protection schema and a machine learning (ML) API protection schema?

Refer to the exhibits. What will happen when a client attempts a mousedown cross-site scripting highlighted signature?

Which high availability mode is commonly used to integrate with a traffic distributer like FortiADC?

A customer wants to be able to index your websites for search and advertisement purposes. What is the easiest way to allow this on a FortiWeb?

You can configure FortiWeb to send traffic to third-party IPS/IDS devices through network interfaces for traffic monitoring. Which two operation modes support this feature? (Choose...