Question # 4

What role does FortiWeb play in ensuring PCI DSS compliance?

PCI specifically requires a WAF

Provides credit card processing capabilities

Provide ability to securely process cash transactions

Provides load balancing between multiple web servers

Full Access

Question # 5

When FortiWeb triggers a redirect action, which two HTTP codes does it send to the client to inform the browser of the new URL? (Choose two.)

403

302

301

404

Full Access

Question # 6

A client is trying to start a session from a page that should normally be accessible only after they have logged in.

When a start page rule detects the invalid session access, what can FortiWeb do? (Choose three.)

Reply with a “403 Forbidden” HTTP error

Allow the page access, but log the violation

Automatically redirect the client to the login page

Display an access policy message, then allow the client to continue, redirecting them to their requested page

Prompt the client to authenticate

Full Access

Question # 7

In which scenario might you want to use the compression feature on FortiWeb?

When you are serving many corporate road warriors using 4G tablets and phones

When you are offering a music streaming service

When you want to reduce buffering of video streams

Never, since most traffic today is already highly compressed

Full Access

Question # 8

How does your FortiWeb configuration differ if the FortiWeb is upstream of the SNAT device instead of downstream of the SNAT device?

You must enable the “Use” X-Forwarded-For: option.

FortiWeb must be set for Transparent Mode

No special configuration required

You must enable “Add” X-Forwarded-For: instead of the “Use” X-Forwarded-For: option.

Full Access

Exact2Pass Menu

Exact2Pass