Question 6 of 30

Refer to the exhibit.
Exam NSE6_FWB-6.1: Question 6 - Image 1
Based on the configuration, what would happen if this FortiWeb were to lose power? (Choose two.)
Suggested Answer

The suggested answer is B, D.

Reference:
https://docs.fortinet.com/document/fortiweb/6.3.10/administration-guide/33485/fail-to-wire-for-power-loss-reboots
Question 7 of 30

Refer to the exhibit.
Exam NSE6_FWB-6.1: Question 7 - Image 1
FortiWeb is configured to block traffic from Japan to your web application server. However, in the logs, the administrator is seeing traffic allowed from one particular IP address which is geo-located in Japan.
What can the administrator do to solve this problem? (Choose two.)
Suggested Answer

The suggested answer is A, C.

IP reputation leverages many techniques for accurate, early, and frequently updated identification of compromised and malicious clients so you can block attackers before they target your servers.
IP blacklisting is a method used to keep illegitimate or malicious IP addresses from accessing your networks. Blacklists are lists containing the individual IP addresses or ranges of IP addresses that you want to block.
Reference:
https://docs.fortinet.com/document/fortiweb/6.3.5/administration-guide/137271/blacklisting-whitelisting-clients
https://www.imperva.com/learn/application-security/ip-blacklist/
Community votes: 2 votes
BC (most voted): 100%
Question 8 of 30

Which algorithm is used to build mathematical models for bot detection?
Suggested Answer

The suggested answer is C.

FortiWeb uses the SVM (Support Vector Machine) algorithm to build the bot detection model.
Reference:
https://docs.fortinet.com/document/fortiweb/6.3.7/administration-guide/193258/machine-learning
Question 9 of 30

A client is trying to start a session from a page that would normally be accessible only after the client has logged in.
When a start page rule detects the invalid session access, what can FortiWeb do? (Choose three.)
Suggested Answer

The suggested answer is B, C, E.

Reference:
https://help.fortinet.com/fweb/607/Content/FortiWeb/fortiweb-admin/specify_urls_to_initiate.htm
Community votes: 1 vote
BCE (suggested): 100%
Question 10 of 30

Refer to the exhibit.
Exam NSE6_FWB-6.1: Question 10 - Image 1
Many legitimate users are being identified as bots. FortiWeb bot detection has been configured with the settings shown in the exhibit. The FortiWeb administrator has already verified that the current model is accurate.
What can the administrator do to fix this problem, making sure that real bots are not allowed through FortiWeb?
Suggested Answer

The suggested answer is D.

Bot Confirmation:
If the number of anomalies from a user has reached the Anomaly Count, the system executes Bot Confirmation before taking action.
Bot Confirmation checks whether the user is indeed a bot. The system sends RBE (Real Browser Enforcement) JavaScript or a CAPTCHA to the client to double-check whether it is a real bot.
Reference:
https://docs.fortinet.com/document/fortiweb/6.3.1/administration-guide/600188/configuring-bot-detection-profiles
Community votes: 1 vote
D (suggested): 100%