FCP - FortiWeb 7.4 Administrator - FCP_FWB

Question 1

In the context of web application security, what is the primary role of a Content Security Policy (CSP)?

A. Preventing SQL injection attacks

B. Detecting malicious JavaScript code

C. Encrypting data at rest

D. Controlling the sources of content that a web page can load

Correct Answer: D

Question 2

What is the primary purpose of configuring threat mitigation features in web application security?

A. Improving user interface design

B. Enhancing application performance

C. Optimizing database management

D. Protecting against malicious activities and attacks

Correct Answer: D

Question 3

Which two statements about background rogue scanning are correct? (Choose two.)

A. A dedicated radio configured for background scanning can support the connection of wireless clients

B. A dedicated radio configured for background scanning can detect rogue devices on all other channels in its configured frequency band.

C. When detecting rogue APs, a dedicated radio configured for background scanning can suppress the rogue AP

D. Background rogue scanning requires DARRP to be enabled on the AP instance

Correct Answer: A,D

Question 4

Which implementation is most suited for a deployment that must meet PCI DSS compliance criteria?

A. SSL offloading with FortiWeb in full transparent proxy mode

B. SSL offloading with FortiWeb in PCI DSS mode

C. SSL offloading with FortiWeb in reverse proxy mode

D. SSL offloading with FortiWeb in transparency mode

Correct Answer: B

Explanation: Only visible for Actualtests4sure members. You can sign-up / login (it's free).

Question 5

An attacker attempts to send an SQL injection attack containing the known attack string 'root'; -- through an API call.
Which FortiWeb inspection feature will be able to detect this attack the quickest?

A. Known signatures

B. Machine learning (ML)-based API protection-anomaly detection

C. ML-based API protection-threat detection

D. API gateway rule

Correct Answer: A

Explanation: Only visible for Actualtests4sure members. You can sign-up / login (it's free).

Question 6

Refer to the exhibit.

How does FortiWeb generate this support vector machine (SVM) model?

A. It uses data received during the collection phase of the machine learning (ML) process.

B. It is constantly updated through observed traffic after the ML model has been built by FortiWeb.

C. It uses the XML file imported by the administrator.

D. It downloads information periodically from FortiGuard.

Correct Answer: D

Question 7

What is the primary function of configuring FortiWeb HA (High Availability)?

A. Managing server pools

B. Blocking malicious IPs

C. Ensuring system redundancy and failover

D. Load balancing traffic

Correct Answer: C

Question 8

When configuring protected hostnames in FortiWeb, what is their primary purpose?

A. Identifying internal network resources

B. Defining NAT policies

C. Blocking outgoing traffic

D. Redirecting traffic to a specific URL

Correct Answer: A

Question 9

FortiWeb offers the same load balancing algorithms as FortiGate.
Which two Layer 7 switch methods does FortiWeb also offer? (Choose two.)

A. HTTP session-based round robin

B. HTTP user-based round robin

C. Round robin

D. HTTP content routes

Correct Answer: C,D

Question 10

Which operation mode does not require additional configuration in order to allow FTP traffic to your web server?

A. Offline Protection

B. Reverse-Proxy

C. Transparent Inspection

D. True Transparent Proxy

Correct Answer: C

Fortinet FCP - FortiWeb 7.4 Administrator - FCP_FWB_AD-7.4 Exam Practice Test

Latest Update

Useful Links

Contact Us