
Fortinet NSE 5 - FortiWeb 8.0 Administrator - NSE5_FWB_AD-8.0 Exam Questions
QUESTION NO: 1
You are reviewing the FortiWeb integration with the Advanced Bot Protection (ABP) service.
Match each step in the ABP flow with its description.

You are reviewing the FortiWeb integration with the Advanced Bot Protection (ABP) service.
Match each step in the ABP flow with its description.

Correct Answer:

Explanation:

The ABP workflow begins when FortiWeb challenges the browser by injecting JavaScript used to collect behavior data. The client browser then executes that JavaScript and sends the observed behavior information to the ABP service. FortiWeb then uses the ABP service decision process to determine whether the browser behavior looks human or automated. If the ABP service identifies the activity as malicious or bot-like, FortiWeb blocks the request before it reaches the protected application. If the request is validated as coming from a real user, FortiWeb allows the traffic to continue to the back-end server. The order is important because FortiWeb cannot allow or block based on ABP until browser behavior has first been collected and evaluated.
QUESTION NO: 2
Refer to the exhibits.


You are configuring a FortiWeb device in reverse proxy mode, placed downstream from a FortiGate. The server pool includes two back-end web servers: 10.1.1.21 and 10.1.1.22, and you've defined a health check policy.
After completing the server policy configuration and applying it to a virtual server, you notice that FortiWeb is not forwarding traffic to the back-end servers. No errors or health check failures appear in the logs.
Based on the configuration shown in the exhibit, which change should you make to restore back-end traffic flow?
Refer to the exhibits.


You are configuring a FortiWeb device in reverse proxy mode, placed downstream from a FortiGate. The server pool includes two back-end web servers: 10.1.1.21 and 10.1.1.22, and you've defined a health check policy.
After completing the server policy configuration and applying it to a virtual server, you notice that FortiWeb is not forwarding traffic to the back-end servers. No errors or health check failures appear in the logs.
Based on the configuration shown in the exhibit, which change should you make to restore back-end traffic flow?
Correct Answer: B
Explanation: Only visible for Pass4Test members. You can sign-up / login (it's free).
QUESTION NO: 3
Which situation best explains when a FortiWeb administrator should enable automatic HTTP-to-HTTPS redirection?
Which situation best explains when a FortiWeb administrator should enable automatic HTTP-to-HTTPS redirection?
Correct Answer: A
Explanation: Only visible for Pass4Test members. You can sign-up / login (it's free).
QUESTION NO: 4
Refer to the exhibit.

There is only one administrator account configured on FortiWeb and IPv6 is not configured on any interface.
Which action should an administrator take to restrict any brute force attacks that attempt to gain access to the FortiWeb management GUI?
Refer to the exhibit.

There is only one administrator account configured on FortiWeb and IPv6 is not configured on any interface.
Which action should an administrator take to restrict any brute force attacks that attempt to gain access to the FortiWeb management GUI?
Correct Answer: C
Explanation: Only visible for Pass4Test members. You can sign-up / login (it's free).




