최신 FCP_FWB_AD-7.4 무료덤프 - Fortinet FCP

문제1

What must you do with your FortiWeb logs to ensure PCI DSS compliance?

A. Enable masking of sensitive data

B. Compress them into a .zip file format

C. Erase them every two weeks

D. Store in an off-site location

정답: A

문제2

Which encryption algorithm is commonly used to secure data transmission over HTTPS connections?
(Select all that apply)

A. AES (Advanced Encryption Standard)

B. SHA-1 (Secure Hash Algorithm 1)

C. RSA (Rivest-Shamir-Adleman)

D. DES (Data Encryption Standard)

정답: A,C

문제3

Refer to the exhibit.

FortiADC is applying SNAT to all inbound traffic going to the servers. When an attack occurs, FortiWeb blocks traffic based on the 192.0.2.1 source IP address, which belongs to FortiADC. The setup is breaking all connectivity and genuine clients are not able to access the servers.
What must the administrator do to avoid this problem? (Choose two.)

A. Place FortiWeb in front of FortiADC.

B. Enable the Use X-Forwarded-For setting on FortiWeb.

C. No Special configuration is required; connectivity will be re-established after the set timeout.

D. Enable the Add X-Forwarded-For setting on FortiWeb.

정답: A,B

문제4

What are two advantages of using the URL rewriting and redirecting feature on FortiWeb? (Choose two.)

A. It enhances security by redirecting all requests to a private IP address.

B. It prevents the disclosure of underlying technology to clients.

C. It reduces the number of requests, which reduces the risk of man-in-the-middle attacks.

D. It reduces server load by reducing the number of clients being served by a single web server.

정답: B,C

문제5

In order for FortiWeb to provide the best possible protection for servers, how should you deploy it?

A. In a one-arm topology, deployed in transparent mode.

B. In-line, behind FortiGate, deployed in reverse proxy mode.

C. In-line, without FortiGate, deployed in true transparent mode.

D. In-line, in front of FortiGate, deployed in offline protection mode.

정답: B

문제6

In which two ways does FortiWeb handle traffic that does not match any defined policies? (Choose two.)

A. In transparent mode, the traffic is passed through.

B. In offline protection mode, the traffic is dropped with a TCP reset.

C. In true transparent mode, ip-forward should be enabled to deny the traffic.

D. In reverse-proxy mode, the traffic is denied.

정답: A,D

문제7

FortiWeb offers the same load balancing algorithms as FortiGate.
Which two Layer 7 switch methods does FortiWeb also offer? (Choose two.)

A. HTTP session-based round robin

B. Round robin

C. HTTP user-based round robin

D. HTTP content routes

정답: B,D

문제8

Refer to the exhibits.

FortiWeb is configured in reverse proxy mode and it is deployed downstream to FortiGate. Based on the configuration shown in the exhibits, which of the following statements is true?

A. You must disable the Preserve Client IP setting on FotriGate for this configuration to work.

B. FortiGate should forward web traffic to the server pool IP addresses.

C. FortiGate should forward web traffic to virtual server IP address.

D. The configuration is incorrect. FortiWeb should always be located upstream to FortiGate.

정답: C

문제9

When user tracking is configured, how does FortiWeb identify which users to track?

A. FortiWeb tracks only users identified by FortiWeb admin.

B. FortiWeb tracks only users logged in during an attack.

C. FortiWeb tracks admin users.

D. FortiWeb tracks only users that have logged in successfully.

정답: D

문제10

What is a drawback of TLS 1.3?

A. It has a worse encryption algorithm.

B. It can break transparent inspection.

C. It requires powerful hardware for processing.

D. It can have a slower connection initiation.

정답: A

최신 FCP_FWB_AD-7.4 무료덤프 - Fortinet FCP - FortiWeb 7.4 Administrator

우리와 연락하기

유용한 링크

최신 업데이트