Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

Fortinet Exam NSE6_FWB-6.4 Topic 8 Question 30 Discussion

Actual exam question for Fortinet's NSE6_FWB-6.4 exam
Question #: 30
Topic #: 8
[All NSE6_FWB-6.4 Questions]

An e-commerce web app is used by small businesses. Clients often access it from offices behind a router, where clients are on an IPv4 private network LAN. You need to protect the web application from denial of service attacks that use request floods.

What FortiWeb feature should you configure?

Show Suggested Answer Hide Answer
Suggested Answer: C

by Devorah at Mar 04, 2024, 05:49 PM

Limited Time Offer

25%

Off

Get Premium NSE6_FWB-6.4 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Shakira
1 days ago
I think option A is the best choice because it allows us to configure separate rate limits for requests from NATted source IPs.
upvoted 0 times
...
Layla
23 days ago
Haha, option C made me chuckle a bit. Enabling SYN cookies is a classic TCP/IP security trick, but I don't think it's the best fit for this specific scenario.
upvoted 0 times
...
Linwood
24 days ago
Hmm, I'm not sure about option B. Using X-Forwarded-For headers to identify clients' private IPs might work, but it also seems a bit risky. What if the headers are spoofed or the app is already compromised?
upvoted 0 times
Ming
6 days ago
B: That's a good idea. Better to be thorough in our approach to security.
upvoted 0 times
...
Jessenia
7 days ago
A: Let's weigh the pros and cons of each option before making a decision.
upvoted 0 times
...
Celestina
8 days ago
D: Option D could be helpful in filtering out requests from shared Internet connections.
upvoted 0 times
...
Leonora
9 days ago
C: SYN cookies are also a good defense against DoS attacks.
upvoted 0 times
...
Rosalia
10 days ago
B: I agree, option A sounds like a safer choice in this scenario.
upvoted 0 times
...
Golda
11 days ago
A: It's always better to be cautious when it comes to security.
upvoted 0 times
...
...
Virgina
25 days ago
The key here is protecting the app against request floods, which could be coming from multiple clients behind a NAT router. I'm leaning towards option A, since configuring separate rate limits for NATted IPs seems like a logical approach.
upvoted 0 times
...
Allene
26 days ago
I think this question is really testing our understanding of network security concepts. Dealing with DDoS attacks is a common challenge for web apps, so we need to be familiar with the different features FortiWeb offers to mitigate these threats.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77