Summer Certification Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Free and Premium Fortinet NSE5_FWB_AD-8.0 Dumps Questions Answers

Fortinet NSE 5 - FortiWeb 8.0 Administrator Questions and Answers

Question 1

You are reviewing the FortiWeb integration with the Advanced Bot Protection (ABP) service.

Match each step in the ABP flow with its description.

Options:

Buy Now
Question 2

Which situation best explains when a FortiWeb administrator should enable automatic HTTP-to-HTTPS redirection?

Options:

A.

The organization prefers to keep both HTTP and HTTPS available for flexibility.

B.

Users are accessing a static website that does not handle sensitive data.

C.

The back-end server uses only HTTP and cannot support encryption.

D.

The web application handles logins or personal data and must ensure encrypted communication.

Question 3

A FortiWeb administrator wants to create a machine learning (ML)-based bot detection system.

Which three actions must the administrator take to build and activate this ML model? (Choose three.)

Options:

A.

Collect traffic samples for training.

B.

Verify the model manually on test data only.

C.

Apply Bayesian analysis to the model output.

D.

Build the detection model using collected data.

E.

Run the model in the live environment.

Question 4

You are reviewing a report from your FortiWeb logs and notice a JavaScript payload like < script > document.cookie < /script > is submitted through a product review form. The page doesn’t filter the script, and when users view the review, their session cookies are exposed.

Why is this attack dangerous?

Options:

A.

It executes code in the victim’s browser.

B.

It leaks back-end database information.

C.

It bypasses login pages.

D.

It forces a victim to click malicious links.

Question 5

A large enterprise has an existing web infrastructure with complex routing rules and static IP address assignments. The network administrators cannot modify the current IP address scheme, but they need FortiWeb to inspect and block threats like SQL injection and cross-site scripting (XSS) without changing the client-server communication flow.

In this situation, which FortiWeb operation mode is the most suitable?

Options:

A.

Reverse proxy mode

B.

Web Cache Communication Protocol (WCCP) redirection mode

C.

True transparent proxy mode

D.

Decryption mirror mode

Question 6

Refer to the exhibit.

You are configuring SSL offloading on FortiWeb to protect a public-facing application. Clients connect using HTTPS, while FortiWeb forwards requests to the back-end server using HTTP.

You are reviewing certificate deployment and need to decide where to install the private key for the certificate used in client connections.

In this SSL offloading setup, which device is responsible for using the private key associated with the web server certificate?

Options:

A.

FortiWeb, because it terminates the HTTPS session and decrypts traffic.

B.

None. SSL offloading does not require a private key because FortiWeb only forwards traffic.

C.

The server, because it always handles certificates regardless of SSL mode.

D.

The client, because it initiates the TLS handshake and verifies the certificate.

Question 7

Refer to the exhibit.

There is only one administrator account configured on FortiWeb and IPv6 is not configured on any interface.

Which action should an administrator take to restrict any brute force attacks that attempt to gain access to the FortiWeb management GUI?

Options:

A.

Make configuration changes on the upstream device.

B.

Replace 0.0.0.0/0 with a specific IP address.

C.

Delete the built-in administrator user and create a new one.

D.

Change the setting in the Access Profile field to Read_Only .

Question 8

You need to monitor and respond to repeated suspicious activity from individual users who are accessing your web application.

Your goal is to evaluate each action the user takes and apply a response when their behavior becomes risky.

What can you configure on FortiWeb to track user behavior and respond automatically when risky activity continues?

Options:

A.

Configure rate limiting on the IP reputation blocklist.

B.

Add a custom signature to block suspicious URLs immediately.

C.

Enable automatic cookie security under the server policy.

D.

Set up scoring in the protection profile to track request behavior over time.

Question 9

A FortiWeb administrator is deciding between using SAML SSO or HTML authentication. They want to minimize the number of credential prompts users receive across multiple Fortinet services.

Which statement accurately describes which option is best, and why?

Options:

A.

SAML SSO, because it supports identity authentication on Fortinet devices.

B.

SAML, because it blocks users from accessing anything not approved in FortiWeb policy.

C.

HTML form authentication, because it’s faster and doesn’t need external systems.

D.

HTML form, because it provides token-based access to remote services.

Question 10

A FortiWeb administrator is hardening a customer checkout website.

The site contains sensitive links such as Login, Payment, and Admin, which are embedded in the HTML content of several pages.

A vulnerability scan shows that automated bots can crawl the web pages and easily enumerate these links by parsing the HTML source, even though users access them normally, through the site navigation.

Which FortiWeb feature should the administrator enable to prevent automated scanners from discovering these links?

Options:

A.

Link cloaking

B.

URL rewriting

C.

URL encryption

D.

Deep packet inspection