最新的Fortinet NSE 5 - FortiWeb 8.0 Administrator - NSE5_FWB_AD-8.0免費考試真題
問題1
You are reviewing SSL-related issues on FortiWeb. An administrator reports that they receive a certificate warning when they access the FortiWeb GUI over HTTPS. Separately, your FortiWeb device also makes outbound HTTPS requests to a back-end API server.
In which two situations would FortiWeb use its own certificates to establish or secure the connection?
(Choose two.)
You are reviewing SSL-related issues on FortiWeb. An administrator reports that they receive a certificate warning when they access the FortiWeb GUI over HTTPS. Separately, your FortiWeb device also makes outbound HTTPS requests to a back-end API server.
In which two situations would FortiWeb use its own certificates to establish or secure the connection?
(Choose two.)
正確答案: A,C
說明:(僅 PDFExamDumps 成員可見)
問題2
Refer to the exhibit.

There is only one administrator account configured on FortiWeb and IPv6 is not configured on any interface.
Which action should an administrator take to restrict any brute force attacks that attempt to gain access to the FortiWeb management GUI?
Refer to the exhibit.

There is only one administrator account configured on FortiWeb and IPv6 is not configured on any interface.
Which action should an administrator take to restrict any brute force attacks that attempt to gain access to the FortiWeb management GUI?
正確答案: B
說明:(僅 PDFExamDumps 成員可見)
問題3
Refer to the exhibits.


You are configuring a FortiWeb device in reverse proxy mode, placed downstream from a FortiGate. The server pool includes two back-end web servers: 10.1.1.21 and 10.1.1.22, and you've defined a health check policy.
After completing the server policy configuration and applying it to a virtual server, you notice that FortiWeb is not forwarding traffic to the back-end servers. No errors or health check failures appear in the logs.
Based on the configuration shown in the exhibit, which change should you make to restore back-end traffic flow?
Refer to the exhibits.


You are configuring a FortiWeb device in reverse proxy mode, placed downstream from a FortiGate. The server pool includes two back-end web servers: 10.1.1.21 and 10.1.1.22, and you've defined a health check policy.
After completing the server policy configuration and applying it to a virtual server, you notice that FortiWeb is not forwarding traffic to the back-end servers. No errors or health check failures appear in the logs.
Based on the configuration shown in the exhibit, which change should you make to restore back-end traffic flow?
正確答案: D
說明:(僅 PDFExamDumps 成員可見)
問題4
You are hosting multiple secure web applications behind a single public IP address on FortiWeb.
When a client connects to a service, FortiWeb needs to:
* Identify the correct SSL certificate.
* Decrypt the request.
* Route the request to the correct back-end server.
Match each FortiWeb function to the request handling step that performs the function.

You are hosting multiple secure web applications behind a single public IP address on FortiWeb.
When a client connects to a service, FortiWeb needs to:
* Identify the correct SSL certificate.
* Decrypt the request.
* Route the request to the correct back-end server.
Match each FortiWeb function to the request handling step that performs the function.

正確答案:

Explanation:

When multiple HTTPS applications share one public IP address, the client begins the TLS connection and includes the requested hostname in the SNI field. FortiWeb uses SNI-based certificate selection to choose the appropriate certificate for that hostname. After presenting the correct certificate and completing the TLS handshake, FortiWeb decrypts the HTTPS session so it can inspect HTTP content. Content inspection then evaluates the host header and URL path, which are needed for application-aware routing decisions. Finally, intelligent traffic routing forwards the request to the correct back-end server or server pool. The sequence matters: FortiWeb cannot inspect the host and URL path or route by content until the HTTPS session is terminated and decrypted.