Practice Free FCP_FWB_AD-7.4 Exam Online Questions
Which two configurations are compatible for Wireless Single Sign-On (WSSO)? (Choose two.)
- A . A VAP configured for captive portal authentication
- B . A VAP configured for WPA2 or 3 Enterprise
- C . A VAP configured to authenticate locally on FortiGate
- D . A VAP configured to authenticate using a RADIUS server
Which two FortiWeb operation modes support machine learning? (Choose two.)
- A . Transparent proxy
- B . Offline protection
- C . True transparent proxy
- D . Reverse proxy
What key factor must be considered when setting brute force rate limiting and blocking?
- A . A single client contacting multiple resources
- B . Multiple clients sharing a single Internet connection
- C . Multiple clients from geographically diverse locations
- D . Multiple clients connecting to multiple resources
Which implementation is best suited for a deployment that must meet compliance criteria?
- A . SSL Offloading with FortiWeb in reverse proxy mode
- B . SSL Inspection with FortiWeb in Transparency mode
- C . SSL Offloading with FortiWeb in Transparency Mode
- D . SSL Inspection with FortiWeb in Reverse Proxy mode
The FortiWeb machine learning (ML) feature is a two-phase analysis mechanism.
Which two functions does the first layer perform? (Choose two.)
- A . Determines whether an anomaly is a real attack or just a benign anomaly that should be ignored
- B . Builds a threat model behind every parameter and HTTP method
- C . Determines if a detected threat is a false-positive or not
- D . Determines whether traffic is an anomaly, based on observed application traffic over time
An e-commerce web app is used by small businesses. Clients often access it from offices behind a router, where clients are on an IPv4 private network LAN. You need to protect the web application from denial of service attacks that use request floods.
What FortiWeb feature should you configure?
- A . Enable "Shared IP" and configure the separate rate limits for requests from NATted source IPs.
- B . Configure FortiWeb to use "X-Forwarded-For:" headers to find each client's private network IP, and to block attacks using that.
- C . Enable SYN cookies.
- D . Configure a server policy that matches requests from shared Internet connections.
What should you consider when troubleshooting threat detection and mitigation-related issues in a web application? (Select all that apply)
- A . Reviewing web server logs
- B . Analyzing firewall policies
- C . Disabling security features temporarily
- D . Collecting and analyzing traffic data
When configuring API protection, what security measure is commonly used to verify the identity of clients making API requests?
- A . Session cookies
- B . OAuth 2.0 tokens
- C . IP whitelisting
- D . HTTP referrer headers
You’ve configured an authentication rule with delegation enabled on FortiWeb.
What happens when a user tries to access the web application?
- A . FortiWeb replies with an HTTP challenge on behalf of the server, then if the user authenticates successfully, FortiWeb allows the request and also includes credentials in the request that it forwards to the web app
- B . FortiWeb redirects users to a FortiAuthenticator page, then if the user authenticates successfully, FortiGate signals to FortiWeb to allow access to the web app
- C . FortiWeb forwards the HTTP challenge from the server to the client, then monitors the reply, allowing access if the user authenticates successfully
- D . FortiWeb redirects the user to the web app's authentication page
Under what circumstances would you want to use the temporary uncompress feature of FortiWeb?
- A . In the case of compression being done on the web server, to inspect the content of the compressed file.
- B . In the case of compression being done on the FortiWeb, to inspect the content of the compressed file
- C . In the case of the file being an .MP4 video
- D . In the case of the file being a .MP3 music file