Priya Dogra – Certification | Jobs | Internships
Question 1: When considering web application firewalls, what two factors make a signature-based approach to defense, obsolete? (Choose two.)
- Signature-based detection is too slow to identify threats.
- Signature-based detection is not effective against zero-day exploits.
- Signature-based detection, when used alone, can generate many false positives.
- Signatures cannot stop SQL injection attacks.
Question 2: Which was the predecessor to a web application firewall?
- Antivirus software
- Application firewall
- Web firewall
- Internet filter
Question 3: What do web application firewalls do that traditional edge firewalls do not?
- Block port numbers
- Block protocols
- Block MAC addresses
- Block SQL injection attacks
Question 4: What does a web application firewall do?
- It allows applications to access online content.
- It prevents applications from accessing the web at certain times of the day.
- It monitors and blocks malicious HTTP/HTTPS traffic to and from a web application.
- It provides a means for businesses to monitor which web applications their users are accessing.
Question 5: Which statement about integrating FortiGuard Labs with FortiWeb is true?
- FortiGuard Labs must be integrated with FortiGate first, before integrating with FortiWeb.
- FortiGuard Labs is an optional feature that does not provide any benefits to FortiWeb.
- FortiGuard Labs provides vital updates to FortiWeb about new threats.
- FortiGuard Labs provides machine learning features to FortiWeb.
Question 6: In which two ways does machine learning help make modern web application firewalls more effective? (Choose two.)
- It allows them to return search results quicker than using traditional filtering methods.
- It allows them to adapt to the ever-changing attributes of threats.
- It allows them to choose the most appropriate web application for a given task.
- It allows them to perform behavior analysis at machine speed.
Question 7: Which two products can be integrated with FortiWeb? (Choose two.)
- FortiPhone
- FortiConnect
- FortiGate
- FortiFax
- FortiSandbox
Question 8: Which action can a modern WAF do?
Select one:
- Stop any user action should it exceed their network permissions
- Survey the network and calculate a value to represent the security posture
- Segment the network based on device type and user role
- Connect all tools in the security stack into defined workflows
Question 9: Which three features are characteristics of the latest generation WAF? (Choose two.)
Select one or more:
- SPU
- DDoS defense
- DLP
- Network segmentation
- IP reputation
Question 10: Which protocol traffic does a web application firewall (WAF) monitor?
Select one:
- HTTP
- CLNP
- IP
- TCP
Question 11: Which new feature characterized second-generation WAFs?
Select one:
- Packet analysis
- Machine learning without human supervision
- Port and protocol blocking
- Heuristics
Question 12: Which event was the motivation for web application firewall (WAFs)?
Select one:
- The development of the hypertext transfer protocol
- The debut of the World Wide Web
- ARPANET was brought online
- The first wide area network (WAN)
Question 13: Which firewall is positioned between a web application and the Internet?
Select one:
- Packet filter firewall
- Segmentation firewall
- Web application firewall
- Edge firewal
