Fortinet NSE5_FWB_AD-8.0 - Fortinet NSE 5 - FortiWeb 8.0 Administrator Exam
Page: 1 / 8
Total 36 questions
Question #1 (Topic: Exam A)
Refer to the exhibit.
You are a FortiWeb administrator. FortiWeb is deployed between a FortiGate and two back-end web servers, as shown in the diagram. No server policies are currently configured on FortiWeb.
While testing, you notice that a student system in the 100.64.0.0/24 network is still able to access the back-end servers in 10.1.1.0/24, even though FortiWeb is not logging or inspecting the traffic.
Which action should you take to ensure FortiWeb blocks or inspects all traffic before it reaches the back-end servers?
You are a FortiWeb administrator. FortiWeb is deployed between a FortiGate and two back-end web servers, as shown in the diagram. No server policies are currently configured on FortiWeb.
While testing, you notice that a student system in the 100.64.0.0/24 network is still able to access the back-end servers in 10.1.1.0/24, even though FortiWeb is not logging or inspecting the traffic.
Which action should you take to ensure FortiWeb blocks or inspects all traffic before it reaches the back-end servers?
A. Configure FortiWeb in transparent mode to force traffic inspection.
B. Enable network address translation (NAT) mode on FortiWeb to hide the backend server IP addresses.
C. Add static routes on FortiGate to route traffic back through the FortiWeb internal interface.
D. Disable ip-forward to prevent traffic from passing through FortiWeb without a matching server policy.
Answer: D
Question #2 (Topic: Exam A)
Which URL should you rewrite to reduce security risk?
A. https://www.example.com/25.3.6/Browse/MediaData
B. https://www.example.com/wordpress/?feed=rss2
C. https://www.example.com/products/today
D. https://www.example.com/about/team
Answer: A
Question #3 (Topic: Exam A)
You are setting up a FortiWeb policy to protect a customer login portal. Users connect to https://login.training.lab, and you want FortiWeb to forward those requests to a load-balanced pool of back-end servers.
Which three components must you configure to complete the server policy?
Which three components must you configure to complete the server policy?
A. Real server, IPsec tunnel, and static route
B. Web application firewall (WAF) profile, DoS policy, and server name indication (SNI)-based certificate
C. Virtual server, server pool, and port settings (service)
D. DNS resolver, URL rewrite rule, and HTTP health check
Answer: C
Question #4 (Topic: Exam A)
Refer to the exhibit.
A FortiWeb administrator notices an alert triggered under the Threshold Based Detection category, with the message: Threshold Based Content Scraping Detection (Bot Detection) violation.
Based on the log details, what is the most likely cause of this alert?
A FortiWeb administrator notices an alert triggered under the Threshold Based Detection category, with the message: Threshold Based Content Scraping Detection (Bot Detection) violation.
Based on the log details, what is the most likely cause of this alert?
A. An automated script or bot systematically accessing multiple pages to extract web content
B. A layer 4 SYN flood attack overwhelming the web server
C. A client sending malformed HTTP requests due to browser incompatibility
D. A vulnerability scanner triggering rate limits by simulating browser behavior
Answer: A
Question #5 (Topic: Exam A)
Your e-commerce platform is experiencing frequent SQL injection attempts. You need FortiWeb to actively inspect, enforce, and block attacks inline before traffic reaches the web servers.
The deployment must support the full FortiWeb security feature set without operational limitations, including protocol validation, attack detection, and policy enforcement.
Which FortiWeb operation mode should you configure to proactively intercept and block threats such as SQL injection attempts?
The deployment must support the full FortiWeb security feature set without operational limitations, including protocol validation, attack detection, and policy enforcement.
Which FortiWeb operation mode should you configure to proactively intercept and block threats such as SQL injection attempts?
A. Reverse proxy
B. Web Cache Communication Protocol (WCCP) integration mode
C. Transparent bridge mode
D. Offline protection
Answer: A
