Summer Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70track

Free Fortinet NSE5_FWB_AD-8.0 Practice Exam with Questions & Answers

Questions 1

You are hosting multiple secure web applications behind a single public IP address on FortiWeb.

When a client connects to a service, FortiWeb needs to:

    Identify the correct SSL certificate.

    Decrypt the request.

    Route the request to the correct back-end server.

Match each FortiWeb function to the request handling step that performs the function.

NSE5_FWB_AD-8.0 Question 1

Options:
Fortinet NSE5_FWB_AD-8.0 Premium Access
Questions 2

Which situation best explains when a FortiWeb administrator should enable automatic HTTP-to-HTTPS redirection?

Options:
A.

The organization prefers to keep both HTTP and HTTPS available for flexibility.

B.

Users are accessing a static website that does not handle sensitive data.

C.

The back-end server uses only HTTP and cannot support encryption.

D.

The web application handles logins or personal data and must ensure encrypted communication.

Questions 3

You are reviewing SSL-related issues on FortiWeb. An administrator reports that they receive a certificate warning when they access the FortiWeb GUI over HTTPS. Separately, your FortiWeb device also makes outbound HTTPS requests to a back-end API server.

In which two situations would FortiWeb use its own certificates to establish or secure the connection? (Choose two.)

Options:
A.

When a client browser initiates an SSL session and FortiWeb is in transparent inspection mode.

B.

When FortiWeb is routing an HTTPS connection to a FortiGate without decrypting it.

C.

When an administrator connects to the FortiWeb GUI using HTTPS in a browser.

D.

When FortiWeb connects to a back-end server over HTTPS as a client.

Questions 4

You are reviewing a report from your FortiWeb logs and notice a JavaScript payload like < script > document.cookie < /script > is submitted through a product review form. The page doesn’t filter the script, and when users view the review, their session cookies are exposed.

Why is this attack dangerous?

Options:
A.

It executes code in the victim’s browser.

B.

It leaks back-end database information.

C.

It bypasses login pages.

D.

It forces a victim to click malicious links.

Questions 5

Refer to the exhibit.

NSE5_FWB_AD-8.0 Question 5

You are a FortiWeb administrator reviewing the biometrics-based detection rule shown in the exhibit. Your goal is to configure a rule that detects bots that avoid typical human interactions like using a mouse or clicking. You also want to log the detection event and apply a high-severity alert.

Based on the current configuration, which settings should you change to meet this goal?

Options:
A.

Select Screen Touch and Page Focus , set the severity to Low , and keep action as Deny (no log) .

B.

Select Keyboard and Scroll , change the action to Alert , and set the severity to High .

C.

Select Mouse Movement and Click , change the action to Alert , and set the severity to High .

D.

Do not select any client events to monitor, enable Bot Trait Checking , keep the current severity, and keep the action as Deny (no log) .

Questions 6

A large enterprise has an existing web infrastructure with complex routing rules and static IP address assignments. The network administrators cannot modify the current IP address scheme, but they need FortiWeb to inspect and block threats like SQL injection and cross-site scripting (XSS) without changing the client-server communication flow.

In this situation, which FortiWeb operation mode is the most suitable?

Options:
A.

Reverse proxy mode

B.

Web Cache Communication Protocol (WCCP) redirection mode

C.

True transparent proxy mode

D.

Decryption mirror mode

Questions 7

You are setting up a FortiWeb policy to protect a customer login portal. Users connect to https://login.training.lab, and you want FortiWeb to forward those requests to a load-balanced pool of back-end servers.

Which three components must you configure to complete the server policy?

Options:
A.

Virtual server, server pool, and port settings (service).

B.

Web application firewall (WAF) profile, DoS policy, and server name indication (SNI)-based certificate.

C.

DNS resolver, URL rewrite rule, and HTTP health check.

D.

Real server, IPsec tunnel, and static route.

Questions 8

Your team is spending too much time digging through FortiWeb logs to investigate threats.

How can FortiAI improve this workflow?

Options:
A.

It disables logging to improve performance.

B.

It blocks malicious IP addresses automatically.

C.

It replaces the need for FortiGuard updates.

D.

It explains recent events using natural language.

Questions 9

Refer to the exhibit.

NSE5_FWB_AD-8.0 Question 9

There is only one administrator account configured on FortiWeb and IPv6 is not configured on any interface.

Which action should an administrator take to restrict any brute force attacks that attempt to gain access to the FortiWeb management GUI?

Options:
A.

Make configuration changes on the upstream device.

B.

Replace 0.0.0.0/0 with a specific IP address.

C.

Delete the built-in administrator user and create a new one.

D.

Change the setting in the Access Profile field to Read_Only .

Questions 10

You need to monitor and respond to repeated suspicious activity from individual users who are accessing your web application.

Your goal is to evaluate each action the user takes and apply a response when their behavior becomes risky.

What can you configure on FortiWeb to track user behavior and respond automatically when risky activity continues?

Options:
A.

Configure rate limiting on the IP reputation blocklist.

B.

Add a custom signature to block suspicious URLs immediately.

C.

Enable automatic cookie security under the server policy.

D.

Set up scoring in the protection profile to track request behavior over time.

Exam Code: NSE5_FWB_AD-8.0
Certification Provider: Fortinet
Exam Name: Fortinet NSE 5 - FortiWeb 8.0 Administrator
Last Update: Jul 5, 2026
Questions: 36
PDF + Testing Engine
$164.99
$49.5
Testing Engine
$124.99
$37.5
PDF (Q&A)
$104.99
$31.5