Summer Sale - Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 65percent

Welcome To DumpsPedia

NSE5_FWB_AD-8.0 Sample Questions Answers

Questions 4

A FortiWeb administrator sees the following request:

GET /api/v1/data HTTP/1.1

Host: example.com

Authorization: ApiKey abc123def456

The API key belongs to a user in group B who is authorized to access only /api/v1/reports.

What should the administrator do to prevent this unauthorized access?

Options:

A.

Restrict access to /api/v1/data using user group–based access control.

B.

Block /api/v1/data for all user groups to avoid policy confusion.

C.

Move the user to group A so they can access both endpoints.

D.

Allow all valid API keys to access any API endpoint.

Buy Now
Questions 5

Which situation best explains when a FortiWeb administrator should enable automatic HTTP-to-HTTPS redirection?

Options:

A.

The organization prefers to keep both HTTP and HTTPS available for flexibility.

B.

Users are accessing a static website that does not handle sensitive data.

C.

The back-end server uses only HTTP and cannot support encryption.

D.

The web application handles logins or personal data and must ensure encrypted communication.

Buy Now
Questions 6

You have configured parameter validation, file security, and machine learning (ML) anomaly detection for a web form, but some server-side request forgery tests are still succeeding. You need to advise the team on what to prioritize next to improve SSRF protection without compromising other parts of the application.

Which recommendation would best strengthen FortiWeb’s ability to block remaining SSRF attempts?

Options:

A.

Disable ML anomaly detection and rely solely on parameter inspection.

B.

Review and refine input validation logic, as SSRF may be exploiting backend behavior or bypassing weak filters.

C.

Offload all server-side request forgery (SSRF) protection to FortiGate and remove FortiWeb from the API flow.

D.

Apply HTTPS inspection at the transport layer, which FortiWeb does not use to block SSRF.

Buy Now
Questions 7

FortiWeb is blocking groups of users behind your load balancer. In the logs, all users show the same source IP address.

Which action should you take to restore proper client identification?

Options:

A.

Add a bot detection rule in the protection profile.

B.

Update the signature engine.

C.

Reconfigure the load balancer to insert the original client IP address in an HTTP header.

D.

Enable caching for HTTPS traffic.

Buy Now
Questions 8

Your team is spending too much time digging through FortiWeb logs to investigate threats.

How can FortiAI improve this workflow?

Options:

A.

It disables logging to improve performance.

B.

It blocks malicious IP addresses automatically.

C.

It replaces the need for FortiGuard updates.

D.

It explains recent events using natural language.

Buy Now
Questions 9

Refer to the exhibit.

There is only one administrator account configured on FortiWeb and IPv6 is not configured on any interface.

Which action should an administrator take to restrict any brute force attacks that attempt to gain access to the FortiWeb management GUI?

Options:

A.

Make configuration changes on the upstream device.

B.

Replace 0.0.0.0/0 with a specific IP address.

C.

Delete the built-in administrator user and create a new one.

D.

Change the setting in the Access Profile field to Read_Only .

Buy Now
Questions 10

You are a FortiWeb administrator investigating an SQL injection attack on your company’s customer portal. The network firewall and intrusion prevention system (IPS) did not stop the attack.

You decide to deploy a web application firewall (WAF) to help prevent this type of attack.

Which two actions can you take to block application-layer threats? (Choose two.)

Options:

A.

Focus on client-side risks, such as protecting user browsers.

B.

Inspect general network traffic equally between clients and servers.

C.

Detect and block threats like SQL injection, cross-site scripting (XSS), and other Layer 7 attacks.

D.

Filter and analyze HTTP/S requests to block attacks targeting the web server.

Buy Now
Exam Code: NSE5_FWB_AD-8.0
Exam Name: Fortinet NSE 5 - FortiWeb 8.0 Administrator
Last Update: Jul 8, 2026
Questions: 36

PDF + Testing Engine

$64.99 $185.69

Testing Engine

$49.99 $142.83

PDF (Q&A)

$54.99 $157.11