Summer Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: buysanta

Exact2Pass Menu

Fortinet NSE 5 - FortiWeb 8.0 Administrator

Last Update 2 hours ago Total Questions : 36

The Fortinet NSE 5 - FortiWeb 8.0 Administrator content is now fully updated, with all current exam questions added 2 hours ago. Deciding to include NSE5_FWB_AD-8.0 practice exam questions in your study plan goes far beyond basic test preparation.

You'll find that our NSE5_FWB_AD-8.0 exam questions frequently feature detailed scenarios and practical problem-solving exercises that directly mirror industry challenges. Engaging with these NSE5_FWB_AD-8.0 sample sets allows you to effectively manage your time and pace yourself, giving you the ability to finish any Fortinet NSE 5 - FortiWeb 8.0 Administrator practice test comfortably within the allotted time.

Question # 1

A FortiWeb administrator wants to stop coordinated scraping traffic coming from several IP addresses, each making only a few requests so thresholds never trigger.

Which tactic should the administrator deploy to identify botnets using shared behavioral signals instead of volume?

A.

A DoS protection profile with extremely low request limits for the entire site.

B.

A static blocklist for all IP addresses seen in logs, even if most appear only once.

C.

Bot mitigation with device fingerprinting to correlate clients by behavior, headers, and JavaScript challenges instead of IP address volume.

D.

A web application firewall (WAF) rule that blocks every user agent that is not on a manually created allowlist.

Question # 2

Refer to the exhibit.

What does the exhibit show?

A.

The FortiGate UI interface in HTML.

B.

A sample response returned by the FortiGate API at https://fortigate.com/ui.

C.

The result of a show ui details command on a FortiWeb server.

D.

An API schema file.

Question # 3

While reviewing FortiWeb logs, you notice a suspicious login request that failed authentication. You suspect it may be part of an injection attack targeting the login form.

Which input pattern is an example of a typical SQL injection attempt that could bypass authentication checks?

A.

'||(SELECT password FROM users WHERE role='admin')||'

B.

< sql > select(ALL USERS); < /sql >

C.

< script > document.location='/steal?cookie='+document.cookie < /script >

D.

SELECT username FROM accounts WHERE username='admin';-- ' AND password='password';

Question # 4

FortiWeb is blocking groups of users behind your load balancer. In the logs, all users show the same source IP address.

Which action should you take to restore proper client identification?

A.

Add a bot detection rule in the protection profile.

B.

Update the signature engine.

C.

Reconfigure the load balancer to insert the original client IP address in an HTTP header.

D.

Enable caching for HTTPS traffic.

Question # 5

Which situation best explains when a FortiWeb administrator should enable automatic HTTP-to-HTTPS redirection?

A.

The organization prefers to keep both HTTP and HTTPS available for flexibility.

B.

Users are accessing a static website that does not handle sensitive data.

C.

The back-end server uses only HTTP and cannot support encryption.

D.

The web application handles logins or personal data and must ensure encrypted communication.

Question # 6

You have configured parameter validation, file security, and machine learning (ML) anomaly detection for a web form, but some server-side request forgery tests are still succeeding. You need to advise the team on what to prioritize next to improve SSRF protection without compromising other parts of the application.

Which recommendation would best strengthen FortiWeb’s ability to block remaining SSRF attempts?

A.

Disable ML anomaly detection and rely solely on parameter inspection.

B.

Review and refine input validation logic, as SSRF may be exploiting backend behavior or bypassing weak filters.

C.

Offload all server-side request forgery (SSRF) protection to FortiGate and remove FortiWeb from the API flow.

D.

Apply HTTPS inspection at the transport layer, which FortiWeb does not use to block SSRF.

Question # 7

Refer to the exhibit.

You have deployed FortiWeb behind a FortiGate that is configured as a reverse proxy and inserts the X-Forwarded-For HTTP header when forwarding HTTP and HTTPS traffic.

FortiWeb is using a custom inline protection profile, and logging is enabled, as shown in the exhibit.

You notice that FortiWeb is blocking legitimate users, and all requests in the attack logs appear to come from the FortiGate IP address, not the original client IP address.

Which action should you take to fix this issue?

A.

Replace the current deployment mode with a one-arm proxy to expose source IP addresses.

B.

Disable IP-based detection features on FortiWeb to avoid IP-related blocking.

C.

Recreate the server policy using the predefined profile instead of a custom one.

D.

Modify the protection profile to use the X-Forwarded-For header for client IP address detection.

Question # 8

A FortiWeb administrator wants to create a machine learning (ML)-based bot detection system.

Which three actions must the administrator take to build and activate this ML model? (Choose three.)

A.

Collect traffic samples for training.

B.

Verify the model manually on test data only.

C.

Apply Bayesian analysis to the model output.

D.

Build the detection model using collected data.

E.

Run the model in the live environment.

Question # 9

A FortiWeb administrator needs to allow a known web indexer to scan the website for search engine visibility.

What is the easiest way to allow this on FortiWeb?

A.

Add the web indexer IP address to the trusted IP address list.

B.

Add the web indexer IP address to an IP exception list inside the inline protection profile.

C.

Add the web indexer IP address to the FortiGuard Known Search Engines category.

D.

Add the web indexer user-agent string to a custom signature exception rule.

Question # 10

Refer to the exhibit.

You are a FortiWeb administrator reviewing the biometrics-based detection rule shown in the exhibit. Your goal is to configure a rule that detects bots that avoid typical human interactions like using a mouse or clicking. You also want to log the detection event and apply a high-severity alert.

Based on the current configuration, which settings should you change to meet this goal?

A.

Select Screen Touch and Page Focus , set the severity to Low , and keep action as Deny (no log) .

B.

Select Keyboard and Scroll , change the action to Alert , and set the severity to High .

C.

Select Mouse Movement and Click , change the action to Alert , and set the severity to High .

D.

Do not select any client events to monitor, enable Bot Trait Checking , keep the current severity, and keep the action as Deny (no log) .