Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

Fortinet Exam FCP_FWB_AD-7.4 Topic 1 Question 8 Discussion

Actual exam question for Fortinet's FCP_FWB_AD-7.4 exam
Question #: 8
Topic #: 1
[All FCP_FWB_AD-7.4 Questions]

Review the following configuration:

What are two routing behaviors that you can expect on FortiWeb after this configuration change? (Choose two.)

Show Suggested Answer Hide Answer
Suggested Answer: A, C

FortiWeb is primarily designed to handle HTTP and HTTPS traffic, protecting web applications from various threats. By default, when operating in reverse proxy mode, FortiWeb does not forward non-HTTP/HTTPS protocols to protected servers. However, administrators can configure FortiWeb to handle non-HTTP/HTTPS traffic differently using the config router setting command. This command allows enabling IP-based forwarding (routing) for non-HTTP/HTTPS traffic. When enabled, FortiWeb can route non-HTTP traffic through itself to the appropriate backend servers.

Despite this capability, any non-HTTP/HTTPS traffic that is destined directly for a FortiWeb virtual server IP address is dropped. This means that while FortiWeb can be configured to forward non-HTTP/HTTPS traffic to backend servers, it will not process non-HTTP/HTTPS traffic targeted at its own virtual server IPs.

Regarding IPv6 routing, FortiWeb does support IPv6 in various operation modes, including reverse proxy, offline inspection, and transparent inspection. However, enabling IPv6 routing requires specific configurations and is not automatically enabled by default.


by Wilburn at May 04, 2025, 07:50 PM

Limited Time Offer

25%

Off

Get Premium FCP_FWB_AD-7.4 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Brent
11 days ago
Seriously, D? Only ICMP traffic allowed? That's just crazy talk. Gotta go with C and something else, like A perhaps.
upvoted 0 times
Lyda
17 hours ago
I agree, D does seem a bit extreme. I think C and A make more sense.
upvoted 0 times
...
...
Sanjuana
13 days ago
Hmm, I'm gonna go with B and C. IPv6 routing and dropping non-HTTP traffic seems like the logical choice here.
upvoted 0 times
Kallie
8 days ago
I agree, B and C seem like the correct choices. IPv6 routing and dropping non-HTTP traffic make sense.
upvoted 0 times
...
...
Chandra
16 days ago
I'm not sure about option D. It seems too restrictive to only allow ICMP traffic.
upvoted 0 times
...
Azalee
1 months ago
I believe option C is also correct. It mentions non-HTTP traffic destined to the FortiWeb virtual server IP address being dropped.
upvoted 0 times
...
Willard
1 months ago
C'mon, that's too easy! Of course, non-HTTP traffic destined to the FortiWeb virtual server IP address will be dropped. Gotta keep that thing secure, right?
upvoted 0 times
Doyle
23 days ago
C) Non-HTTP traffic destined to the FortiWeb virtual server IP address is dropped.
upvoted 0 times
...
Kimi
1 months ago
A) Non-HTTP traffic routed through the FortiWeb is allowed.
upvoted 0 times
...
...
Emeline
1 months ago
I agree with Brice. Option A seems like a valid routing behavior.
upvoted 0 times
...
Brice
1 months ago
I think option A is correct because it mentions non-HTTP traffic being allowed.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77