Free FCP – FortiWeb 7.4 Administrator Exam FCP_FWB_AD-7.4 Exam Practice Test

An attacker attempts to send an SQL injection attack containing the known attack string 'root'; -- through an API call.Which FortiWeb inspection feature will be able to detect this attack the quickest?

• API gateway rule
• Known signatures
• Machine learning (ML)-based API protection—anomaly detection
• ML-based API protection—threat detection

How are bot machine learning (ML) models different from API or anomaly detection models?

• Bot ML models analyze multiple connections overtime instead analyzing each connection as a single unit.
• Bot ML models detect only anomalies and not actual threats.
• Bot ML models inspect more types of connection properties.
• Bot ML models do not update models periodically from new data.

Which two objects are required to configure a server policy in reverse proxy mode without content routing? (Choose two.)

• Site publishing
• Protected hostname
• Virtual server
• Server pool

In which two operating modes can FortiWeb modify HTTP packets? (Choose two.)

• True transparent proxy
• Virtual proxy
• Transparent inspection
• Reverse proxy

A customer wants to be able to index your websites for search and advertisement purposes. What is the easiest way to allow this on a FortiWeb?

• Add the indexer IP address to the trusted IP list on the FortiWeb.
• Add the indexer IP address to the FortiGuard "Known Search Engines" category.
• Create a firewall rule to bypass the FortiWeb entirely for the indexer IP address.
• Do not allow any external sites to index your websites.

In SAML deployments, which server contains user authentication credentials (username/password)?

• Identity provider
• Service provider
• User database
• Authentication client

Which two functions does the first layer of the FortiWeb anomaly machine learning (ML) analysis mechanism perform? (Choose two.)

• Determines whether an anomaly is a real attack or just a harmless anomaly that should be ignored
• Determines a probability model behind every parameter and HTTP method passing through FortiWeb
• Determines whether traffic is an anomaly, based on observable features overtime
• Determines if a detected threat is a false-positive or not

When is it possible to use a self-signed certificate, rather than one purchased from a commercial certificate authority?

• If you are an enterprise whose employees use only mobile devices
• If you are a small business or home office
• If you are an enterprise whose computers all trust the active directory or CA server that signed the certificate
• If you are an enterprise whose resources do not need security or https connections

Which is an example of a cross-site scripting (XSS) attack?

• SELECT username FROM accounts WHERE username='admin';-- ' AND password='password';
• 
• SELECT username FROM accounts WHERE username='XSS' ' ANDpassword='alert("http://badurl.com")';
• 

What are two possible impacts of a DoS attack on your web server? (Choose two.)

• The web application starts accepting unencrypted traffic.
• The web application is unable to accept any more connections because of network socket exhaustion.
• The web application server is unable to accept new client sessions due to memory exhaustion.
• The web application server database is compromised with data theft.