EMT Practice Test

1. Question Content...


Question List

Question1: Which implementation is best suited for a deployment that must meet compliance criteria?

Question2: You are using HTTP content routing on FortiWeb. Requests for web app A should be forwarded to a cluster of web servers which all host the same web app. Requests for web app B should be forwarded to a different, single web server.
Which is true about the solution?

Question3: In which scenario might you want to use the compression feature on FortiWeb?

Question4: When FortiWeb triggers a redirect action, which two HTTP codes does it send to the client to inform the browser of the new URL? (Choose two.)

Question5: What must you do with your FortiWeb logs to ensure PCI DSS compliance?

Question6: Which three statements about HTTPS on FortiWeb are true? (Choose three.)

Question7: Under which circumstances does FortiWeb use its own certificates? (Choose Two)

Question8: You are configuring FortiAnalyzer to store logs from FortiWeb.
Which is true?

Question9: You are configuring FortiAnalyzer to store logs from FortiWeb.
Which is true?

Question10: Refer to the exhibit.

FortiADC is applying SNAT to all inbound traffic going to the servers. When an attack occurs, FortiWeb blocks traffic based on the 192.0.2.1 source IP address, which belongs to FortiADC. The setup is breaking all connectivity and genuine clients are not able to access the servers.
What must the administrator do to avoid this problem? (Choose two.)

Question11: In Reverse proxy mode, how does FortiWeb handle traffic that does not match any defined policies?

Question12: Which is true about HTTPS on FortiWeb? (Choose three.)

Question13: When is it possible to use a self-signed certificate, rather than one purchased from a commercial certificate authority?

Question14: What role does FortiWeb play in ensuring PCI DSS compliance?

Question15: Refer to the exhibit.

Many legitimate users are being identified as bots. FortiWeb bot detection has been configured with the settings shown in the exhibit. The FortiWeb administrator has already verified that the current model is accurate.
What can the administrator do to fix this problem, making sure that real bots are not allowed through FortiWeb?

Question16: What capability can FortiWeb add to your Web App that your Web App may or may not already have?

Question17: What other consideration must you take into account when configuring Defacement protection

Question18: Refer to the exhibit.

There is only one administrator account configured on FortiWeb. What must an administrator do to restrict any brute force attacks that attempt to gain access to the FortiWeb management GUI?

Question19: Under what circumstances would you want to use the temporary uncompress feature of FortiWeb?

Question20: What can an administrator do if a client has been incorrectly period blocked?

Question21: A client is trying to start a session from a page that should normally be accessible only after they have logged in.
When a start page rule detects the invalid session access, what can FortiWeb do? (Choose three.)

Question22: The FortiWeb machine learning (ML) feature is a two-phase analysis mechanism.
Which two functions does the first layer perform? (Choose two.)