Fortinet FCP_FWB_AD-7.4 Practice Exams
Last updated on 26.04.2025
- Exam code: FCP_FWB_AD-7.4
- Exam name: FCP - FortiWeb 7.4 Administrator
- Certification provider: Fortinet
Which of the following is a critical system setting that should be configured during FortiWeb deployment?
- A . Email notifications
- B . Default web filtering policies
- C . DNS server settings
- D . System time synchronization
Which is true about HTTPS on FortiWeb? (Choose three.)
- A . Enabling RC4 protects against the BEAST attack, but is not recommended if you configure FortiWeb to only offer TLS 1.2.
- B . In true transparent mode, the TLS session terminator is a protected web server.
- C . In transparent inspection mode, you select which certificate FortiWeb will present in the server pool, not in the server policy.
- D . For SNI, you select the certificate that FortiWeb will present in the server pool, not in the server policy.
- E . After enabling HSTS, redirects to HTTPS are no longer necessary.
What is the primary benefit of using a content delivery network (CDN) in application delivery?
- A . Improved server security
- B . Centralized content management
- C . Enhanced content distribution and availability
- D . Simplified URL rewriting
When integrating FortiWeb and FortiAnalyzer, why is the selection for FortiWeb Version critical? (Choose two)
- A . Defines Log file format
- B . Defines communication protocol
- C . Defines Database Schema
- D . Defines Log storage location
When enabling security fabric on the FortiGate interface to manage FortiAPs, which two types of communication channels are established between FortiGate and FortiAPs? (Choose two.)
- A . Control channels
- B . Security channels
- C . FortiLink channels
- D . Data channels
What is a common technique to mitigate Cross-Site Scripting (XSS) attacks in web applications?
- A . Input validation and escaping
- B . Encryption of user passwords
- C . Captcha verification for login forms
- D . SSL/TLS encryption
In which operation mode does FortiWeb offer both the ability to offload SSL as well as re-encrypt SSL?
- A . Reverse proxy
- B . Offline protection
- C . Transparent inspection
- D . True transparent proxy
Refer to the exhibit.
If rule 1 matches http://bwapp.fortinet.demo, rule 2 matches http://dvwa.fortinet.demo, and the default web protection profile is the inline protection profile, which protection profile will be applied to a connection to http://petstore.fortinet.demo?
- A . bwapp
- B . policy1
- C . dwva
- D . Inline protection profile
An e-commerce web app is used by small businesses. Clients often access it from offices behind a router, where clients are on an IPv4 private network LAN. You need to protect the web application from denial of service attacks that use request floods.
What FortiWeb feature should you configure?
- A . Enable “Shared IP” and configure the separate rate limits for requests from NATted source IPs.
- B . Configure FortiWeb to use “X-Forwarded-For:” headers to find each client’s private network IP, and to block attacks using that.
- C . Enable SYN cookies.
- D . Configure a server policy that matches requests from shared Internet connections.
Which FortiWeb configuration element is used to define rules for allowing or blocking specific types of traffic?
- A . Protected hostname
- B . Firewall policy
- C . Security profile
- D . High Availability (HA)