Summer Sale Discount Flat 70% Offer - Ends in 0d 00h 00m 00s - Coupon code: 70diswrap

Fortinet NSE5_FWB_AD-8.0 Dumps

Fortinet NSE 5 - FortiWeb 8.0 Administrator Questions and Answers

Question 1

Refer to the exhibit.

as

You have deployed FortiWeb behind a FortiGate that is configured as a reverse proxy and inserts the X-Forwarded-For HTTP header when forwarding HTTP and HTTPS traffic.

FortiWeb is using a custom inline protection profile, and logging is enabled, as shown in the exhibit.

You notice that FortiWeb is blocking legitimate users, and all requests in the attack logs appear to come from the FortiGate IP address, not the original client IP address.

Which action should you take to fix this issue?

Options:

A.

Replace the current deployment mode with a one-arm proxy to expose source IP addresses.

B.

Disable IP-based detection features on FortiWeb to avoid IP-related blocking.

C.

Recreate the server policy using the predefined profile instead of a custom one.

D.

Modify the protection profile to use the X-Forwarded-For header for client IP address detection.

Question 2

While reviewing FortiWeb logs, you notice a suspicious login request that failed authentication. You suspect it may be part of an injection attack targeting the login form.

Which input pattern is an example of a typical SQL injection attempt that could bypass authentication checks?

Options:

A.

'||(SELECT password FROM users WHERE role='admin')||'

B.

< sql > select(ALL USERS); < /sql >

C.

< script > document.location='/steal?cookie='+document.cookie < /script >

D.

SELECT username FROM accounts WHERE username='admin';-- ' AND password='password';

Question 3

Refer to the exhibit.

as

You are a FortiWeb administrator reviewing how FortiAI protects sensitive data when interacting with a large language model (LLM).

Drag each label to the corresponding step in the FortiAI data privacy workflow.

as

Options:

Question 4

A FortiWeb administrator is hardening a customer checkout website.

The site contains sensitive links such as Login, Payment, and Admin, which are embedded in the HTML content of several pages.

A vulnerability scan shows that automated bots can crawl the web pages and easily enumerate these links by parsing the HTML source, even though users access them normally, through the site navigation.

Which FortiWeb feature should the administrator enable to prevent automated scanners from discovering these links?

Options:

A.

Link cloaking

B.

URL rewriting

C.

URL encryption

D.

Deep packet inspection

Question 5

FortiWeb is blocking groups of users behind your load balancer. In the logs, all users show the same source IP address.

Which action should you take to restore proper client identification?

Options:

A.

Add a bot detection rule in the protection profile.

B.

Update the signature engine.

C.

Reconfigure the load balancer to insert the original client IP address in an HTTP header.

D.

Enable caching for HTTPS traffic.

Question 6

You are hosting multiple secure web applications behind a single public IP address on FortiWeb.

When a client connects to a service, FortiWeb needs to:

    Identify the correct SSL certificate.

    Decrypt the request.

    Route the request to the correct back-end server.

Match each FortiWeb function to the request handling step that performs the function.

as

Options:

Question 7

You need to monitor and respond to repeated suspicious activity from individual users who are accessing your web application.

Your goal is to evaluate each action the user takes and apply a response when their behavior becomes risky.

What can you configure on FortiWeb to track user behavior and respond automatically when risky activity continues?

Options:

A.

Configure rate limiting on the IP reputation blocklist.

B.

Add a custom signature to block suspicious URLs immediately.

C.

Enable automatic cookie security under the server policy.

D.

Set up scoring in the protection profile to track request behavior over time.

Question 8

Which URL should you rewrite to reduce security risk?

Question 9

Which situation best explains when a FortiWeb administrator should enable automatic HTTP-to-HTTPS redirection?

Options:

A.

The organization prefers to keep both HTTP and HTTPS available for flexibility.

B.

Users are accessing a static website that does not handle sensitive data.

C.

The back-end server uses only HTTP and cannot support encryption.

D.

The web application handles logins or personal data and must ensure encrypted communication.

Question 10

You recently deployed two FortiWeb devices in an active-active (A-A) high availability (HA) cluster.

During routine maintenance, you want to confirm that the cluster is synchronizing the correct configuration areas and that both FortiWeb devices behave consistently in production.

As the FortiWeb administrator, which two configuration areas should you examine to verify that HA synchronization is functioning correctly? (Choose two.)

Options:

A.

Check the network configuration on both FortiWeb devices—such as interfaces and static routes—to ensure they are aligned.

B.

Review policy configurations, including server policies and protection profiles, to confirm they match across the cluster.

C.

Review inspection and mitigation log files to determine if they are being replicated across both FortiWeb devices.

D.

Verify whether firmware images and upgrade history are synchronized between the FortiWeb devices.

Page: 1 / 4
Total 36 questions