NSE5_FWB_AD-8.0 Exam Dumps - Fortinet NSE 5 Network Security Analyst Questions and Answers

Question # 4

You are reviewing SSL-related issues on FortiWeb. An administrator reports that they receive a certificate warning when they access the FortiWeb GUI over HTTPS. Separately, your FortiWeb device also makes outbound HTTPS requests to a back-end API server.

In which two situations would FortiWeb use its own certificates to establish or secure the connection? (Choose two.)

Options:

A. When a client browser initiates an SSL session and FortiWeb is in transparent inspection mode.
B. When FortiWeb is routing an HTTPS connection to a FortiGate without decrypting it.
C. When an administrator connects to the FortiWeb GUI using HTTPS in a browser.
D. When FortiWeb connects to a back-end server over HTTPS as a client.

Question # 5

A FortiWeb administrator needs to allow a known web indexer to scan the website for search engine visibility.

What is the easiest way to allow this on FortiWeb?

Options:

A. Add the web indexer IP address to the trusted IP address list.
B. Add the web indexer IP address to an IP exception list inside the inline protection profile.
C. Add the web indexer IP address to the FortiGuard Known Search Engines category.
D. Add the web indexer user-agent string to a custom signature exception rule.

Question # 6

Which situation best explains when a FortiWeb administrator should enable automatic HTTP-to-HTTPS redirection?

Options:

A. The organization prefers to keep both HTTP and HTTPS available for flexibility.
B. Users are accessing a static website that does not handle sensitive data.
C. The back-end server uses only HTTP and cannot support encryption.
D. The web application handles logins or personal data and must ensure encrypted communication.

Question # 7

Refer to the exhibit.

What does the exhibit show?

Options:

A. The FortiGate UI interface in HTML.
B. A sample response returned by the FortiGate API at https://fortigate.com/ui.
C. The result of a show ui details command on a FortiWeb server.
D. An API schema file.

Question # 8

A FortiWeb administrator sees the following request:

GET /api/v1/data HTTP/1.1
Host: example.com
Authorization: ApiKey abc123def456

The API key belongs to a user in group B who is authorized to access only /api/v1/reports.

What should the administrator do to prevent this unauthorized access?

Options:

A. Restrict access to /api/v1/data using user group–based access control.
B. Block /api/v1/data for all user groups to avoid policy confusion.
C. Move the user to group A so they can access both endpoints.
D. Allow all valid API keys to access any API endpoint.

Question # 9

How should a FortiWeb administrator configure behavior-based bot detection to identify traffic from nonhuman users?

Options:

A. Set request rate limits and enable mouse movement tracking.
B. Block all traffic that doesn’t come from known devices.
C. Disable JavaScript execution for anonymous users.
D. Create IP blocklists based on login failures.

Question # 10

Refer to the exhibit.

You are a FortiWeb administrator reviewing the biometrics-based detection rule shown in the exhibit. Your goal is to configure a rule that detects bots that avoid typical human interactions like using a mouse or clicking. You also want to log the detection event and apply a high-severity alert.

Based on the current configuration, which settings should you change to meet this goal?

Options:

A. Select Screen Touch and Page Focus, set the severity to Low, and keep action as Deny (no log).
B. Select Keyboard and Scroll, change the action to Alert, and set the severity to High.
C. Select Mouse Movement and Click, change the action to Alert, and set the severity to High.
D. Do not select any client events to monitor, enable Bot Trait Checking, keep the current severity, and keep the action as Deny (no log).

Question # 11

You are a FortiWeb administrator investigating an SQL injection attack on your company’s customer portal. The network firewall and intrusion prevention system (IPS) did not stop the attack.

You decide to deploy a web application firewall (WAF) to help prevent this type of attack.

Which two actions can you take to block application-layer threats? (Choose two.)

Options:

A. Focus on client-side risks, such as protecting user browsers.
B. Inspect general network traffic equally between clients and servers.
C. Detect and block threats like SQL injection, cross-site scripting (XSS), and other Layer 7 attacks.
D. Filter and analyze HTTP/S requests to block attacks targeting the web server.

Question # 12

A third-party penetration test reveals that users can bypass login controls through a mobile API. Your current FortiWeb configuration includes zero trust network access (ZTNA) profiles and cookie security, but API protection and client management are not enabled. The security team asks you to recommend the most effective way to close this gap.

Which FortiWeb adjustment would best prevent future unauthorized API access?

Options:

A. Switch to a reverse-proxy mode to bypass cookie-based controls.
B. Enable API protection and client management to enforce identity checks on mobile API traffic.
C. Replace ZTNA with bot protection to reduce false positives.
D. Log only API traffic and rely on FortiAnalyzer for future alerts.

Question # 13

You are reviewing the FortiWeb integration with the Advanced Bot Protection (ABP) service.

Match each step in the ABP flow with its description.

Options:

Exam Code: NSE5_FWB_AD-8.0
Exam Name: Fortinet NSE 5 - FortiWeb 8.0 Administrator
Last Update: Jul 4, 2026
Questions: 36