Fortinet FCP_FWB_AD-7.4 Exam Sample Questions | SPOTO


Question #1
A customer wants to be able to index your websites for search and advertisement purposes. What is the easiest way to allow this on a FortiWeb?
A. Add the indexer IP address to the trusted IP list on the FortiWeb
B. Add the indexer IP address to the FortiGuard "Known Search Engines" category
C. Create a firewall rule to bypass the FortiWeb entirely for the indexer IP address
D. Do not allow any external sites to index your websites
Correct Answer: A
Question #2
In FortiWeb, which component is responsible for handling incoming traffic and applying security policies?
A. FortiGate
B. Server pool
C. Web Application Firewall (WAF)
D. FortiManager
Correct Answer: C
Question #3
When integrating FortiWeb and FortiAnalyzer, why is the selection for FortiWeb Version critical? (Choose two)
A. Defines Log file format
B. Defines communication protocol
C. Defines Database Schema
D. Defines Log storage location
Correct Answer: AD
Question #4
Which of the following is a common challenge when implementing bot mitigation techniques?
A. Incompatibility with web browsers
B. Difficulty in distinguishing between legitimate and malicious bots
C. Increased server response times
D. Lack of support for mobile devices
Correct Answer: B
Question #5
Which HTTP response code is commonly used to indicate a permanent redirection in application delivery?
A. 200 OK
B. 301 Moved Permanently
C. 404 Not Found
D. 500 Internal Server Error
Correct Answer: B
Question #6
Refer to the exhibit. If rule 1 matches http://bwapp.fortinet.demo, rule 2 matches http://dvwa.fortinet.demo, and the default web protection profile is the inline protection profile, which protection profile will be applied to a connection to http://petstore.fortinet.demo?
A. bwapp
B. policy1
C. dwva
D. Inline protection profile
Correct Answer: A
Question #7
Refer to the exhibit. What are two additional configuration elements that you must configure for this API gateway? (Choose two.)
A. You must define rate limits
B. You must define URL prefixes
C. You must select a setting in the Allow User Group field
D. You must enable and configure Host Status
Correct Answer: AB
Question #8
Which three statements about HTTPS on FortiWeb are true? (Choose three.)
A. For TLS inspection, you must upload the server certificate and key to FortiWeb
B. In transparent inspection mode, FortiWeb supports the same cipher suites as reverse proxy mode
C. In reverse proxy mode, FortiWeb can re-encrypt connections to the protected web servers
D. You can choose which SSL/TLS protocol versions are supported by FortiWeb when clients connect to a virtual server
Correct Answer: ACD
Question #9
What is a common technique to mitigate Cross-Site Scripting (XSS) attacks in web applications?
A. Input validation and escaping
B. Encryption of user passwords
C. Captcha verification for login forms
D. SSL/TLS encryption
Correct Answer: A
Question #10
Which compliance standards often require encryption and secure authentication for web applications? (Select all that apply)
A. GDPR (General Data Protection Regulation)
B. HIPAA (Health Insurance Portability and Accountability Act)
C. PCI DSS (Payment Card Industry Data Security Standard)
D. ISO 9001 (Quality Management System)
Correct Answer: ABC
Question #11
In which two operating modes can FortiWeb modify HTTP packets? (Choose two.)
A. True transparent proxy
B. Virtual proxy
C. Transparent inspection
D. Reverse proxy
Correct Answer: BD
Question #12
How can you mitigate attacks on authentication processes in a web application? (Select all that apply)
A. Implement multi-factor authentication (MFA)
B. Use secure password hashing algorithms
C. Disable all authentication mechanisms
D. Implement account lockout policies
Correct Answer: ABD
Question #13
Which of the following FortiWeb features is part of the mitigation tools against OWASP A4 threats?
A. Sensitive info masking
B. Session Management
C. Poison Cookie detection
D. Brute Force blocking
Correct Answer: B
Question #14
Under which circumstances does FortiWeb use its own certificates? (Choose Two)
A. HTTPS to clients
B. HTTPS access to GUI
C. HTTPS to FortiGate
D. Secondary HTTPS connection to server where FortiWeb acts as a client
Correct Answer: ABD
Question #15
When configuring threat mitigation features for a web application, what is the primary purpose of rate limiting?
A. Preventing brute force attacks
B. Identifying malicious IP addresses
C. Encrypting sensitive data
D. Optimizing web server performance
Correct Answer: A
Question #16
When the FortiWeb is configured in Reverse Proxy mode and the FortiGate is configured as an SNAT device, what IP address will the FortiGate's Real Server configuration point at?
A. IP Address of the Virtual Server on the FortiWeb
B. Virtual Server IP on the FortiGate
C. Server's real IP
D. FortiWeb's real IP
Correct Answer: B
Question #17
Which of the following steps is essential for troubleshooting deployment and system-related issues in FortiWeb?
A. Clearing browser cache
B. Disabling firewall policies
C. Collecting logs and diagnostic information
D. Increasing server pool capacity
Correct Answer: C
Question #18
Which regex expression is the correct format for redirecting the URL http://www.example.com?
A. www/
B. www\
C. www
D. www\example\com
Correct Answer: C
Question #19
Which implementation is most suited for a deployment that must meet PCI DSS compliance criteria?
A. SSL offloading with FortiWeb in reverse proxy mode
B. SSL offloading with FortiWeb in PCI DSS mode
C. SSL offloading with FortiWeb in transparency mode
D. SSL offloading with FortiWeb in full transparent proxy mode
Correct Answer: B
Question #20
An attacker attempts to send an SQL injection attack containing the known attack string 'root'; -- through an API call. Which FortiWeb inspection feature will be able to detect this attack the quickest?
A. API gateway rule
B. Known signatures
C. Machine learning (ML)-based API protection — anomaly detection
D. ML-based API protection — threat detection
Correct Answer: B
Question #21
What is a common technique to mitigate Cross-Site Scripting (XSS) attacks in web applications?
A. Input validation and escaping
B. Encryption of user passwords
C. Captcha verification for login forms
D. SSL/TLS encryption
Correct Answer: A
Question #22
Which compliance standards often require encryption and secure authentication for web applications? (Select all that apply)
A. GDPR (General Data Protection Regulation)
B. HIPAA (Health Insurance Portability and Accountability Act)
C. PCI DSS (Payment Card Industry Data Security Standard)
D. ISO 9001 (Quality Management System)
Correct Answer: ABC
Question #23
An attacker attempts to send an SQL injection attack containing the known attack string 'root'; -- through an API call. Which FortiWeb inspection feature will be able to detect this attack the quickest?
A. API gateway rule
B. Known signatures
C. Machine learning (ML)-based API protection---anomaly detection
D. ML-based API protection---threat detection
Correct Answer: B
Question #24
In SAML deployments, which server contains user authentication credentials (username/password)?
A. Identity provider
B. Service provider
C. User database
D. Authentication client
Correct Answer: A
Question #25
When configuring access control for a web application, which methods can be used to enforce security? (Select all that apply)
A. IP whitelisting
B. Role-based access control (RBAC)
C. Captcha verification
D. Two-factor authentication (2FA)
Correct Answer: AB
Question #26
What can an administrator do if a client has been incorrectly period blocked?
A. Nothing, it is not possible to override a period block
B. Manually release the IP address from the temporary blacklist
C. Force a new IP address to the client
D. Disconnect the client from the network
Correct Answer: B
Question #27
Which implementation is most suited for a deployment that must meet PCI DSS compliance criteria?
A. SSL offloading with FortiWeb in reverse proxy mode
B. SSL offloading with FortiWeb in PCI DSS mode
C. SSL offloading with FortiWeb in transparency mode
D. SSL offloading with FortiWeb in full transparent proxy mode
Correct Answer: B
Question #28
What should you consider when troubleshooting threat detection and mitigation-related issues in a web application? (Select all that apply)
A. Reviewing web server logs
B. Analyzing firewall policies
C. Disabling security features temporarily
D. Collecting and analyzing traffic data
Correct Answer: ABD
Question #29
In FortiWeb, which component is responsible for handling incoming traffic and applying security policies?
A. FortiGate
B. Server pool
C. Web Application Firewall (WAF)
D. FortiManager
Correct Answer: C
Question #30
Which implementation is most suited for a deployment that must meet PCI DSS compliance criteria?
A. SSL offloading with FortiWeb in reverse proxy mode
B. SSL offloading with FortiWeb in PCI DSS mode
C. SSL offloading with FortiWeb in transparency mode
D. SSL offloading with FortiWeb in full transparent proxy mode
Correct Answer: B
