Question 1

When configuring access control for a web application, which methods can be used to enforce security? (Select all that apply)

Options :

A : Captcha verification

B : Two-factor authentication (2FA)

C : Role-based access control (RBAC)

D : IP whitelisting

Answer: C,D

Question 2

Which FortiWeb configuration element is used to define rules for allowing or blocking specific types of traffic?

Options :

A : High Availability (HA)

B : Protected hostname

C : Firewall policy

D : Security profile

Answer: C

Question 3

In FortiWeb, which component is responsible for handling incoming traffic and applying security policies?

Options :

A : FortiGate

B : FortiManager

C : Server pool

D : Web Application Firewall (WAF)

Answer: D

Question 4

When configuring protected hostnames in FortiWeb, what is their primary purpose?

Options :

A : Defining NAT policies

B : Redirecting traffic to a specific URL

C : Identifying internal network resources

D : Blocking outgoing traffic

Answer: C

Question 5

What is the primary purpose of configuring threat mitigation features in web application security?

Options :

A : Enhancing application performance

B : Optimizing database management

C : Improving user interface design

D : Protecting against malicious activities and attacks

Answer: D