Fortinet Exam NSE6_FWB-6.4 Topic 1 Question 32 Discussion

Actual exam question for Fortinet's NSE6_FWB-6.4 exam

Question #: 32
Topic #: 1

Refer to the exhibit.

FortiADC is applying SNAT to all inbound traffic going to the servers. When an attack occurs, FortiWeb blocks traffic based on the 192.0.2.1 source IP address, which belongs to FortiADC. The setup is breaking all connectivity and genuine clients are not able to access the servers.

What must the administrator do to avoid this problem? (Choose two.)

AEnable the Use X-Forwarded-For setting on FortiWeb.

BNo Special configuration is required; connectivity will be re-established after the set timeout.

CPlace FortiWeb in front of FortiADC.

DEnable the Add X-Forwarded-For setting on FortiWeb.

Show Suggested Answer

Suggested Answer: C

by Shenika at Apr 14, 2024, 06:27 PM

Limited Time Offer

25%

Off

Get Premium NSE6_FWB-6.4 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Corinne

21 hours ago

Option B doesn't sound right to me. If the attack is blocking access, we can't just rely on a timeout to fix it. We need to take proactive steps.

upvoted 0 times

...

Florinda

16 days ago

I think option A is the way to go. Enabling the Use X-Forwarded-For setting on FortiWeb should help preserve the original client IP address and avoid the connectivity issues.

upvoted 0 times

...