Fortinet NSE5_FWB_AD-8.0 - Fortinet NSE 5 - FortiWeb 8.0 Administrator Exam

Question #6 (Topic: Exam A)
Refer to the exhibit.


A FortiWeb administrator tests a new form input value after training the machine learning (ML) anomaly detection system.
The hidden Markov model (HMM) flags the input as abnormal, while the support vector machine (SVM) model classifies it as normal. FortiWeb allows the request.
What does this result indicate about the FortiWeb ML anomaly detection behavior?
A. FortiWeb is correctly allowing an unusual but non-malicious input based on combined HMM and SVM evaluation.
B. The anomaly detection thresholds are too low and must be increased.
C. FortiWeb failed to detect an attack and should have blocked the request.
D. One of the ML models should be disabled to avoid inconsistent results.
Answer: A
Question #7 (Topic: Exam A)
A third-party penetration test reveals that users can bypass login controls through a mobile API. Your current FortiWeb configuration includes zero trust network access (ZTNA) profiles and cookie security, but API protection and client management are not enabled. The security team asks you to recommend the most effective way to close this gap.
Which FortiWeb adjustment would best prevent future unauthorized API access?
A. Switch to a reverse-proxy mode to bypass cookie-based controls.
B. Enable API protection and client management to enforce identity checks on mobile API traffic.
C. Log only API traffic and rely on FortiAnalyzer for future alerts.
D. Replace ZTNA with bot protection to reduce false positives.
Answer: B
Question #8 (Topic: Exam A)
Which statement best describes the difference between SAML authentication and HTML authentication in FortiWeb site publishing?
A. SAML authentication delegates login to an external system, while HTML authenticates directly on FortiWeb.
B. SAML authentication is used for internal apps while HTML authentication is used for cloud apps.
C. SAML authentication encrypts passwords while HTML authentication sends passwords in cleartext format.
D. SAML authentication uses a passwordless login, while HTML authentication uses tokens.
Answer: A
Question #9 (Topic: Exam A)
Refer to the exhibit.

You are deploying FortiWeb to handle HTTPS traffic from clients and forward cleartext traffic to a back-end server.
You want FortiWeb to decrypt the HTTPS session, inspect the traffic, and then send the traffic to the server using HTTP.
What can you configure on FortiWeb to make this behavior happen?
A. Enable reencryption on the back-end interface so the server receives HTTPS traffic.
B. Configure passive SSL inspection so FortiWeb analyzes encrypted packets without terminating SSL.
C. Configure FortiWeb to reuse the same certificate for inbound and outbound HTTPS traffic without decrypting traffic.
D. Enable SSL offloading so FortiWeb terminates the client's HTTPS session and forwards decrypted HTTP traffic to the back-end server.
Answer: D
Question #10 (Topic: Exam A)
A user from group B sends 150 requests in one minute to this endpoint:

Group B users are allowed access to only /api/v1/reports and are limited to 50 requests per minute.
What should the FortiWeb administrator configure to stop this abuse?
A. Move the user to group A to increase their limit.
B. Apply group-based rate limiting to restrict group B users to 50 requests per minute.
C. Nothing. They should allow the request because the API key is valid.
D. Change the host to block access to /api/v1/data.
Answer: B
Total 36 questions