What can an administrator do if a client has been incorrectly Period Blocked?

A. Disconnect the client from the network

B. Manually release the IP from the temporary Blacklist

C. Nothing, it is not possible to override a Period Block

D. Force a new IP address to the client.

A client is trying to start a session from a page that should normally be accessible only after they have

logged in.

When a start page rule detects the invalid session access, what can FortiWeb do? (Choose three.)

A. Reply with a "403 Forbidden" HTTP error

B. Allow the page access, but log the violation

C. Automatically redirect the client to the login page

D. Display an access policy message, then allow the client to continue, redirecting them to their requested page

E. Prompt the client to authenticate

Which is true about HTTPS on FortiWeb? (Choose three.)

A. For SNI, you select the certificate that FortiWeb will present in the server pool, not in the server policy.

B. After enabling HSTS, redirects to HTTPS are no longer necessary.

C. In true transparent mode, the TLS session terminator is a protected web server.

D. Enabling RC4 protects against the BEAST attack, but is not recommended if you configure FortiWeb to only offer TLS 1.2.

E. In transparent inspection mode, you select which certificate that FortiWeb will present in the server pool, not in the server policy.

Which of the following is true about Local User Accounts?

A. Must be assigned regardless of any other authentication

B. Can be used for Single Sign On

C. Can be used for site publishing

D. Best suited for large environments with many users

In which operation mode(s) can FortiWeb modify HTTP packets? (Choose two.)

A. Transparent Inspection

B. Offline protection

C. True transparent proxy

D. Reverse proxy

What role does FortiWeb play in ensuring PCI DSS compliance?

A. PCI specifically requires a WAF

B. Provides credit card processing capabilities

C. Provide ability to securely process cash transactions

D. Provides load balancing between multiple web servers

What capability can FortiWeb add to your Web App that your Web App may or may not already have?

A. Automatic backup and recovery

B. High Availability

C. HTTP/HTML Form Authentication

D. SSL Inspection

Reverse-proxy mode is best suited for use in which type of environment?

A. New networks where infrastructure is not yet defined

B. Environments where you cannot change your IP addressing scheme

C. Flexible environments where you can easily change the IP addressing scheme

D. Small Office/Home Office environments

An e-commerce web app is used by small businesses. Clients often access it from offices behind a router,

where clients are on an IPv4 private network LAN. You need to protect the web application from denial of

service attacks that use request floods.

What FortiWeb feature should you configure?

A. Enable "Shared IP" and configure the separate rate limits for requests from NATted source IPs.

B. Configure FortiWeb to use "X-Forwarded-For:" headers to find each client's private network IP, and to block attacks using that.

C. Enable SYN cookies.

D. Configure a server policy that matches requests from shared Internet connections.

Under which circumstances does FortiWeb use its own certificates? (Choose Two)

A. Secondary HTTPS connection to server where FortiWeb acts as a client

B. HTTPS to clients

C. HTTPS access to GUI

D. HTTPS to FortiGate