Question 1

An e-commerce web app is used by small businesses. Clients often access it from offices behind a router, where clients are on an IPv4 private network LAN. You need to protect the web application from denial of service attacks that use request floods.What FortiWeb feature should you configure?

Options :

A : Enable ''Shared IP'' and configure the separate rate limits for requests from NATted source IPs.

B : Enable SYN cookies.

C : Configure FortiWeb to use ''X-Forwarded-For:'' headers to find each client-s private network IP, and to block attacks using that.

D : Configure a server policy that matches requests from shared Internet connections.

Answer: B

Question 2

When configuring protected hostnames in FortiWeb, what is their primary purpose?

Options :

A : Defining NAT policies

B : Redirecting traffic to a specific URL

C : Identifying internal network resources

D : Blocking outgoing traffic

Answer: C

Question 3

Which command will enable debugging for the FortiWeb user tracking feature?

Options :

A : debug enable user-tracking 7

B : diagnose debug application user-cracking 7

C : debug application user-cracking 7

D : diagnose debug enable user-cracking 7

Answer: B

Question 4

What is the primary benefit of using a content delivery network (CDN) in application delivery?

Options :

A : Enhanced content distribution and availability

B : Improved server security

C : Simplified URL rewriting

D : Centralized content management

Answer: A

Question 5

Which of the following is a common attack vector that API protection aims to mitigate?

Options :

A : Unauthorized access to APIs

B : Distributed Denial of Service (DDoS) attacks

C : SQL injection attacks

D : Cross-site scripting (XSS) attacks

Answer: A