Summer Sale Limited Time 75% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code = simple75

Pass the Fortinet NSE 5 Network Security Analyst NSE5_FWB_AD-8.0 Questions and answers with Dumpstech

Exam NSE5_FWB_AD-8.0 Premium Access

View all detail and faqs for the NSE5_FWB_AD-8.0 exam

Practice at least 50% of the questions to maximize your chances of passing.
Viewing page 1 out of 1 pages
Viewing questions 1-10 out of questions
Questions # 1:

You are hosting multiple secure web applications behind a single public IP address on FortiWeb.

When a client connects to a service, FortiWeb needs to:

    Identify the correct SSL certificate.

    Decrypt the request.

    Route the request to the correct back-end server.

Match each FortiWeb function to the request handling step that performs the function.

Question # 1

Options:

Questions # 2:

A third-party penetration test reveals that users can bypass login controls through a mobile API. Your current FortiWeb configuration includes zero trust network access (ZTNA) profiles and cookie security, but API protection and client management are not enabled. The security team asks you to recommend the most effective way to close this gap.

Which FortiWeb adjustment would best prevent future unauthorized API access?

Options:

A.

Switch to a reverse-proxy mode to bypass cookie-based controls.

B.

Enable API protection and client management to enforce identity checks on mobile API traffic.

C.

Replace ZTNA with bot protection to reduce false positives.

D.

Log only API traffic and rely on FortiAnalyzer for future alerts.

Questions # 3:

A large enterprise has an existing web infrastructure with complex routing rules and static IP address assignments. The network administrators cannot modify the current IP address scheme, but they need FortiWeb to inspect and block threats like SQL injection and cross-site scripting (XSS) without changing the client-server communication flow.

In this situation, which FortiWeb operation mode is the most suitable?

Options:

A.

Reverse proxy mode

B.

Web Cache Communication Protocol (WCCP) redirection mode

C.

True transparent proxy mode

D.

Decryption mirror mode

Questions # 4:

Which situation best explains when a FortiWeb administrator should enable automatic HTTP-to-HTTPS redirection?

Options:

A.

The organization prefers to keep both HTTP and HTTPS available for flexibility.

B.

Users are accessing a static website that does not handle sensitive data.

C.

The back-end server uses only HTTP and cannot support encryption.

D.

The web application handles logins or personal data and must ensure encrypted communication.

Questions # 5:

You are working on securing HTTPS communication across different services using FortiWeb. Your task is to configure and validate digital certificates for various traffic and communication needs.

Match each FortiWeb certificate feature to the certificate-related task that supports the feature.

Question # 5

Options:

Questions # 6:

FortiWeb is blocking groups of users behind your load balancer. In the logs, all users show the same source IP address.

Which action should you take to restore proper client identification?

Options:

A.

Add a bot detection rule in the protection profile.

B.

Update the signature engine.

C.

Reconfigure the load balancer to insert the original client IP address in an HTTP header.

D.

Enable caching for HTTPS traffic.

Questions # 7:

Refer to the exhibit.

Question # 7

You have deployed FortiWeb behind a FortiGate that is configured as a reverse proxy and inserts the X-Forwarded-For HTTP header when forwarding HTTP and HTTPS traffic.

FortiWeb is using a custom inline protection profile, and logging is enabled, as shown in the exhibit.

You notice that FortiWeb is blocking legitimate users, and all requests in the attack logs appear to come from the FortiGate IP address, not the original client IP address.

Which action should you take to fix this issue?

Options:

A.

Replace the current deployment mode with a one-arm proxy to expose source IP addresses.

B.

Disable IP-based detection features on FortiWeb to avoid IP-related blocking.

C.

Recreate the server policy using the predefined profile instead of a custom one.

D.

Modify the protection profile to use the X-Forwarded-For header for client IP address detection.

Questions # 8:

While reviewing FortiWeb logs, you notice a suspicious login request that failed authentication. You suspect it may be part of an injection attack targeting the login form.

Which input pattern is an example of a typical SQL injection attempt that could bypass authentication checks?

Options:

A.

'||(SELECT password FROM users WHERE role='admin')||'

B.

< sql > select(ALL USERS); < /sql >

C.

< script > document.location='/steal?cookie='+document.cookie < /script >

D.

SELECT username FROM accounts WHERE username='admin';-- ' AND password='password';

Questions # 9:

You are reviewing SSL-related issues on FortiWeb. An administrator reports that they receive a certificate warning when they access the FortiWeb GUI over HTTPS. Separately, your FortiWeb device also makes outbound HTTPS requests to a back-end API server.

In which two situations would FortiWeb use its own certificates to establish or secure the connection? (Choose two.)

Options:

A.

When a client browser initiates an SSL session and FortiWeb is in transparent inspection mode.

B.

When FortiWeb is routing an HTTPS connection to a FortiGate without decrypting it.

C.

When an administrator connects to the FortiWeb GUI using HTTPS in a browser.

D.

When FortiWeb connects to a back-end server over HTTPS as a client.

Questions # 10:

Refer to the exhibit.

Question # 10

Question # 10

A FortiWeb administrator tests a new form input value after training the machine learning (ML) anomaly detection system.

The hidden Markov model (HMM) flags the input as abnormal, while the support vector machine (SVM) model classifies it as normal. FortiWeb allows the request.

What does this result indicate about the FortiWeb ML anomaly detection behavior?

Options:

A.

The anomaly detection thresholds are too low and must be increased.

B.

One of the ML models should be disabled to avoid inconsistent results.

C.

FortiWeb is correctly allowing an unusual but non-malicious input based on combined HMM and SVM evaluation.

D.

FortiWeb failed to detect an attack and should have blocked the request.

Viewing page 1 out of 1 pages
Viewing questions 1-10 out of questions