An e-commerce web app is used by small businesses. Clients often access it from offices behind a router,
where clients are on an IPv4 private network LAN. You need to protect the web application from denial of
service attacks that use request floods.
What FortiWeb feature should you configure?
A. Enable "Shared IP" and configure the separate rate limits for requests from NATted source IPs.
B. Configure FortiWeb to use "X-Forwarded-For:" headers to find each client's private network IP, and to block attacks using that.
C. Enable SYN cookies.
D. Configure a server policy that matches requests from shared Internet connections.
Under which circumstances does FortiWeb use its own certificates? (Choose Two)
A. Secondary HTTPS connection to server where FortiWeb acts as a client
B. HTTPS to clients
C. HTTPS access to GUI
D. HTTPS to FortiGate
What benefit does Auto Learning provide?
A. Automatically identifies and blocks suspicious IPs
B. FortiWeb scans all traffic without taking action and makes recommendations on rules
C. Automatically builds rules sets
D. Automatically blocks all detected threats
What capability can FortiWeb add to your Web App that your Web App may or may not already have?
A. Automatic backup and recovery
B. High Availability
C. HTTP/HTML Form Authentication
D. SSL Inspection
Reverse-proxy mode is best suited for use in which type of environment?
A. New networks where infrastructure is not yet defined
B. Environments where you cannot change your IP addressing scheme
C. Flexible environments where you can easily change the IP addressing scheme
D. Small Office/Home Office environments
Which implementation is best suited for a deployment that must meet compliance criteria?
A. SSL Inspection with FortiWeb in Transparency mode
B. SSL Offloading with FortiWeb in reverse proxy mode
C. SSL Inspection with FrotiWeb in Reverse Proxy mode
D. SSL Offloading with FortiWeb in Transparency Mode
Which of the following FortiWeb features is part of the mitigation tools against OWASP A4 threats?
A. Sensitive info masking
B. Poison Cookie detection
C. Session Management
D. Brute Force blocking
Which operation mode does not require additional configuration in order to allow FTP traffic to your web server?
A. Offline Protection
B. Transparent Inspection
C. True Transparent Proxy
D. Reverse-Proxy
When the FortiWeb is configured in Reverse Proxy mode and the FortiGate is configured as an SNAT device, what IP address will the FortiGate's Real Server configuration point at?
A. Virtual Server IP on the FortiGate
B. Server's real IP
C. FortiWeb's real IP
D. IP Address of the Virtual Server on the FortiWeb
How does your FortiWeb configuration differ if the FortiWeb is upstream of the SNAT device instead of downstream of the SNAT device?
A. You must enable the "Use" X-Forwarded-For: option.
B. FortiWeb must be set for Transparent Mode
C. No special configuration required
D. You must enable "Add" X-Forwarded-For: instead of the "Use" X-Forwarded-For: option.
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Fortinet exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your NSE6_FWB-6.1 exam preparations and Fortinet certification application, do not hesitate to visit our Vcedump.com to find your solutions here.