Which command will enable debugging for the FortiWeb user tracking feature?

1. A. debug enable user-tracking7
2. B. diagnose debug application user-cracking 7
3. C. debug application user-cracking 7
4. D. diagnose debug enable user-cracking 7

Correct Answer: B

Which two objects are required to configure a server policy in reverse proxy mode without content routing? (Choose two.)

1. A. Site publishing
2. B. Protected hostname
3. C. Virtual server
4. D. Server pool

Correct Answer: BC

When is it possible to use a self-signed certificate, rather than one purchased from a commercial certificate authority?

1. A. If you are an enterprise whose employees use only mobile devices
2. B. If you are a small business or home office
3. C. If you are an enterprise whose computers all trust the active directory or CA server that signed the certificate
4. D. If you are an enterprise whose resources do not need security or https connections

Correct Answer: C

Refer to the exhibit.

Attack ID20000010is brute force logins.
Which statement is accurate about the potential attack?

1. A. The attacker has successfully retrieved the credentials to www.example.com.
2. B. www.example.com is running attacks against the client 192.168.1.11.
3. C. The attack has happened 10 times.
4. D. 192.168.1.11 is sending suspicious traffic to FortiWeb.

Correct Answer: D

Refer to the exhibits.


What will happen when a client attempts a mousedown cross-site scripting (XSS) attack against the sitehttp://my.blog.org/userl1/blog.phpand FortiWeb is enforcing the highlighted signature?

1. A. The connection will be stripped of the mousedown JavaScript code.
2. B. The connection will be blocked as an XSS attack.
3. C. FortiWeb will report the new mousedown attack to FortiGuard.
4. D. The connection will be allowed.

Correct Answer: D