• ホーム
  • ブログ
  • NSE6_FWB-6.1問題一発合格させる問題集はNSE 6 Network Security Specialist認定で! [Q11-Q28]

NSE6_FWB-6.1問題一発合格させる問題集はNSE 6 Network Security Specialist認定で! [Q11-Q28]

Share

NSE6_FWB-6.1問題一発合格させる問題集はNSE 6 Network Security Specialist認定で!

NSE6_FWB-6.1練習テストPDF試験材料

質問 11
Which statement about local user accounts is true?

  • A. They are best suited for large environments with many users.
  • B. They can be used for SSO.
  • C. They must be assigned, regardless of any other authentication.
  • D. They cannot be used for site publishing.

正解: B

解説:
You can configure the Remedy Single Sign-On server to authenticate TrueSight Capacity Optimization users as local users.

 

質問 12
Review the following configuration:

What is the expected result of this configuration setting?

  • A. When machine learning (ML) is in its collecting phase, FortiWeb will not accept any samples from any source IP addresses.
  • B. When machine learning (ML) is in its running phase, FortiWeb will accept a set number of samples from the same source IP address.
  • C. When machine learning (ML) is in its collecting phase, FortiWeb will accept an unlimited number of samples from the same source IP address.
  • D. When machine learning (ML) is in its running phase, FortiWeb will accept an unlimited number of samples from the same source IP address.

正解: C

 

質問 13
The FortiWeb machine learning (ML) feature is a two-phase analysis mechanism.
Which two functions does the first layer perform? (Choose two.)

  • A. Determines whether traffic is an anomaly, based on observed application traffic over time
  • B. Builds a threat model behind every parameter and HTTP method
  • C. Determines whether an anomaly is a real attack or just a benign anomaly that should be ignored
  • D. Determines if a detected threat is a false-positive or not

正解: A,B

解説:
The first layer uses the Hidden Markov Model (HMM) and monitors access to the application and collects data to build a mathematical model behind every parameter and HTTP method.

 

質問 14
Refer to the exhibit.

Many legitimate users are being identified as bots. FortiWeb bot detection has been configured with the settings shown in the exhibit. The FortiWeb administrator has already verified that the current model is accurate.
What can the administrator do to fix this problem, making sure that real bots are not allowed through FortiWeb?

  • A. Change Model Type to Strict
  • B. Disable Dynamically Update Model
  • C. Enable Bot Confirmation
  • D. Change Action under Action Settings to Alert

正解: C

解説:
Bot Confirmation
If the number of anomalies from a user has reached the Anomaly Count, the system executes Bot Confirmation before taking actions.
The Bot Confirmation is to confirm if the user is indeed a bot. The system sends RBE (Real Browser Enforcement) JavaScript or CAPTCHA to the client to double check if it's a real bot.

 

質問 15
What role does FortiWeb play in ensuring PCI DSS compliance?

  • A. It provides the WAF required by PCI.
  • B. It provides the ability to securely process cash transactions.
  • C. It provides the required SQL server protection.
  • D. It provides credit card processing capabilities.

正解: D

解説:
FortiWeb protects against attacks that lead to sensitive data exposure such as SQL Injection and other injection types. Additionally, FortiWeb inspects all web server outgoing traffic for sensitive data such as Social Security numbers, credit card numbers and other predefined or custom based sensitive data.

 

質問 16
You are using HTTP content routing on FortiWeb. You want requests for web application A to be forwarded to a cluster of web servers, which all host the same web application. You want requests for web application B to be forwarded to a different, single web server.
Which statement about this solution is true?

  • A. Static or policy-based routes are not required.
  • B. The server policy applies the same protection profile to all of its protected web applications.
  • C. You must put the single web server in to a server pool, in order to use it with HTTP content routing.
  • D. You must chain policies so that requests for web application A go to the virtual server for policy A, and requests for web application B go to the virtual server for policy B.

正解: A

 

質問 17
FortiWeb offers the same load balancing algorithms as FortiGate.
Which two Layer 7 switch methods does FortiWeb also offer? (Choose two.)

  • A. Round robin
  • B. HTTP user-based round robin
  • C. HTTP session-based round robin
  • D. HTTP content routes

正解: A,D

解説:
Reference:
http://fortinet.globalgate.com.ar/pdfs/FortiWeb/FortiWeb_DS.pdf

 

質問 18
What must you do with your FortiWeb logs to ensure PCI DSS compliance?

  • A. Store in an off-site location
  • B. Erase them every two weeks
  • C. Compress them into a .zip file format
  • D. Enable masking of sensitive data

正解: D

 

質問 19
What is one of the key benefits of the FortiGuard IP reputation feature?

  • A. It provides a document of IP addresses that are suspect, so that administrators can manually update their blacklists.
  • B. It is updated once per year.
  • C. It maintains a list of public IPs with a bad reputation for participating in attacks.
  • D. It maintains a list of private IP addresses.

正解: C

解説:
FortiGuard IP Reputation service assigns a poor reputation, including virus-infected clients and malicious spiders/crawlers.

 

質問 20
Refer to the exhibit.

Based on the configuration, what would happen if this FortiWeb were to lose power? (Choose two.)

  • A. Traffic will be interrupted between port3 and port4.
  • B. Traffic will pass between port5 and port6 uninspected.
  • C. Traffic that passes between port5 and port6 will be inspected.
  • D. All traffic will be interrupted.

正解: A,B

 

質問 21
Refer to the exhibit.

FortiWeb is configured to block traffic from Japan to your web application server. However, in the logs, the administrator is seeing traffic allowed from one particular IP address which is geo-located in Japan.
What can the administrator do to solve this problem? (Choose two.)

  • A. If the IP address is configured as an IP reputation exception, remove it.
  • B. Configure the IP address as a blacklisted IP address.
  • C. Manually update the geo-location IP addresses for Japan.
  • D. If the IP address is configured as a geo reputation exception, remove it.

正解: B,C

解説:
IP reputation leverages many techniques for accurate, early, and frequently updated identification of compromised and malicious clients so you can block attackers before they target your servers.
IP blacklisting is a method used to filter out illegitimate or malicious IP addresses from accessing your networks. Blacklists are lists containing ranges of or individual IP addresses that you want to block.
Reference:
https://www.imperva.com/learn/application-security/ip-blacklist/

 

質問 22
When FortiWeb triggers a redirect action, which two HTTP codes does it send to the client to inform the browser of the new URL? (Choose two.)

  • A. 0
  • B. 1
  • C. 2
  • D. 3

正解: A,C

 

質問 23
......

NSE6_FWB-6.1[2022年02月] 最新リリース] 試験問題あなたを必ず合格させます:https://www.goshiken.com/Fortinet/NSE6_FWB-6.1-mondaishu.html

関するブログ

もっと
NSE6_FWB-6.1無料問題集