NSE6_FAD-6.2 Online Practice Questions and Answers

Refer to the exhibit.

FortiADC is applying SNAT to all inbound traffic going to the servers. When an attack occurs, FortiWeb blocks traffic based on the 192.0.2.1 source IP address, which belongs to FortiADC. The setup is breaking all connectivity and genuine clients are not able to access the servers.

What must the administrator do to avoid this problem? (Choose two.)

A. Enable the Use X-Forwarded-For setting on FortiWeb.

B. No Special configuration is required; connectivity will be re-established after the set timeout.

C. Place FortiWeb in front of FortiADC.

D. Enable the Add X-Forwarded-For setting on FortiWeb.

In global load balancing, why might an administrator configure the response rate limit in FortiADC?

A. To redirect requests from a blocked county

B. To prevent FortiADG from being used in DNS amplification DoS attacks

C. To protect back-end servers from SYN flood attacks D. To prioritize outgoing traffic by sending it through the link with the lowed response time

An organization has decided to automate specific tasks by leveraging the fortiADC REST API. The tasks will perform updates to existing items. Which REST API method should you use to update existing items on FortiADC?

A. PATCH

B. POST

C. GET

D. PUT

An administrator wants to implement load balancing persistence by configuring FortiADC to prefix the server ID to an existing cookie sent by the back-end servers. Which persistence method should the administrator use?

A. Hash cookie

B. Insert cookie

C. Persistence cookie

D. Embedded cookie

Refer to the exhibit.

The exhibit shows the first few lines of three scripts, and a virtual server configuration leveraging these scripts.

Based on the way FortiADC prioritizes script execution, in what order will the scripts execute?

A. COOKIE_COMMANDS, GENERAL_REDIRECT, GEOIP_UTILITY

B. COOKIE_COMMANDS< GEOIP_UTILITY, GENERAL_REDIRECT

C. GEOIP_UTILITY, GENERAL_ REDIRECT, COOKIE_COMMAND

Refer to the exhibits.

Which show the HA configurations for two FortiADC devices

If both FortiADC devices are operational, which FortiADC is the active device in the cluster?

A. The FortiADC with the highest HA uptime value

B. The FortiADC with the highest sorting serial number

C. FortiADC-1

D. FortiADC-2

An administrator is running the following sniffer on FortiADC:

Diagnose sniffer packet any `'port80'' 2

What two pieces of information are included in the output of the sniffer? (Choose two.)

A. IP payload

B. Ethernet headers

C. Port names

D. IP headers

An administrator has been assigned the task of protecting their company application delivery servers from OWASP top- 10 threats.

How must they configure FortiADC to provide this capability?

A. Configure advanced health checks

B. Configure Layer 7 custom rates

C. Configure the advanced WAF

D. Configure IPv4 firewall policies

Which two actions can FortiADC take with the GeoIP block list when receiving requests from a blocked country's address space? (Choose two.)

A. Deny access

B. Redirect the request

C. Apply an HTTP protocol constraint

D. Send a 404 Not Found message

Which load balancing method requires the use of an SNMP health check?

A. Destination IP hash

B. Round robin

C. Dynamic load

D. Least connection