Fortinet NSE 5 - FortiWeb 8.0 Administrator Sample Questions:
1. You are reviewing SSL-related issues on FortiWeb. An administrator reports that they receive a certificate warning when they access the FortiWeb GUI over HTTPS. Separately, your FortiWeb device also makes outbound HTTPS requests to a back-end API server.
In which two situations would FortiWeb use its own certificates to establish or secure the connection?
(Choose two.)
A) When a client browser initiates an SSL session and FortiWeb is in transparent inspection mode.
B) When FortiWeb is routing an HTTPS connection to a FortiGate without decrypting it.
C) When an administrator connects to the FortiWeb GUI using HTTPS in a browser.
D) When FortiWeb connects to a back-end server over HTTPS as a client.
2. Refer to the exhibit.
You have deployed FortiWeb behind a FortiGate that is configured as a reverse proxy and inserts the X- Forwarded-For HTTP header when forwarding HTTP and HTTPS traffic.
FortiWeb is using a custom inline protection profile, and logging is enabled, as shown in the exhibit.
You notice that FortiWeb is blocking legitimate users, and all requests in the attack logs appear to come from the FortiGate IP address, not the original client IP address.
Which action should you take to fix this issue?
A) Replace the current deployment mode with a one-arm proxy to expose source IP addresses.
B) Modify the protection profile to use the X-Forwarded-For header for client IP address detection.
C) Recreate the server policy using the predefined profile instead of a custom one.
D) Disable IP-based detection features on FortiWeb to avoid IP-related blocking.
3. A FortiWeb administrator needs to allow a known web indexer to scan the website for search engine visibility.
What is the easiest way to allow this on FortiWeb?
A) Add the web indexer IP address to the FortiGuard Known Search Engines category.
B) Add the web indexer user-agent string to a custom signature exception rule.
C) Add the web indexer IP address to an IP exception list inside the inline protection profile.
D) Add the web indexer IP address to the trusted IP address list.
4. A large enterprise has an existing web infrastructure with complex routing rules and static IP address assignments. The network administrators cannot modify the current IP address scheme, but they need FortiWeb to inspect and block threats like SQL injection and cross-site scripting (XSS) without changing the client-server communication flow.
In this situation, which FortiWeb operation mode is the most suitable?
A) True transparent proxy mode
B) Decryption mirror mode
C) Web Cache Communication Protocol (WCCP) redirection mode
D) Reverse proxy mode
Solutions:
| Question # 1 Answer: C,D | Question # 2 Answer: B | Question # 3 Answer: A | Question # 4 Answer: A |
We're so confident of our products that we provide no hassle product exchange.


By Edith

