NSE5_FWB_AD-8.0 Questions and Answers

Question # 6

Which URL should you rewrite to reduce security risk?

A. https://www.example.com/about/team

B. https://www.example.com/wordpress/?feed=rss2

C. https://www.example.com/products/today

D. https://www.example.com/25.3.6/Browse/MediaData

Question # 7

Refer to the exhibit.

You have deployed FortiWeb behind a FortiGate that is configured as a reverse proxy and inserts the X-Forwarded-For HTTP header when forwarding HTTP and HTTPS traffic.

FortiWeb is using a custom inline protection profile, and logging is enabled, as shown in the exhibit.

You notice that FortiWeb is blocking legitimate users, and all requests in the attack logs appear to come from the FortiGate IP address, not the original client IP address.

Which action should you take to fix this issue?

A. Replace the current deployment mode with a one-arm proxy to expose source IP addresses.

B. Disable IP-based detection features on FortiWeb to avoid IP-related blocking.

C. Recreate the server policy using the predefined profile instead of a custom one.

D. Modify the protection profile to use the X-Forwarded-For header for client IP address detection.

Question # 8

You are configuring the FortiWeb client-side protection feature to defend against browser-based attacks.

Based on the layered defense strategy, drag and drop each control to the corresponding stage of defense.

Question # 9

Refer to the exhibit.

You are configuring SSL offloading on FortiWeb to protect a public-facing application. Clients connect using HTTPS, while FortiWeb forwards requests to the back-end server using HTTP.

You are reviewing certificate deployment and need to decide where to install the private key for the certificate used in client connections.

In this SSL offloading setup, which device is responsible for using the private key associated with the web server certificate?

A. FortiWeb, because it terminates the HTTPS session and decrypts traffic.

B. None. SSL offloading does not require a private key because FortiWeb only forwards traffic.

C. The server, because it always handles certificates regardless of SSL mode.

D. The client, because it initiates the TLS handshake and verifies the certificate.

Question # 10

You are reviewing a report from your FortiWeb logs and notice a JavaScript payload like <script>document.cookie</script> is submitted through a product review form. The page doesn’t filter the script, and when users view the review, their session cookies are exposed.

Why is this attack dangerous?

A. It executes code in the victim’s browser.

B. It leaks back-end database information.

C. It bypasses login pages.

D. It forces a victim to click malicious links.
