Web Application Firewall Quiz Answers NSE 2

Fig 1: Web Application Firewall Quiz Answers NSE 2

 Question 1: When considering web application firewalls, what two factors make a signature-based approach to defense, obsolete? (Choose two.)

·         Signature-based detection is too slow to identify threats.

·         Signature-based detection is not effective against zero-day exploits.

·         Signature-based detection, when used alone, can generate many false positives.

·         Signatures cannot stop SQL injection attacks.

Question 2: Which was the predecessor to a web application firewall?

·         Antivirus software

·         Application firewall

·         Web firewall

·         Internet filter

Question 3: What do web application firewalls do that traditional edge firewalls do not?

·         Block port numbers

·         Block protocols

·         Block MAC addresses

·         Block SQL injection attacks

Question 4: What does a web application firewall do?

·         It allows applications to access online content.

·         It prevents applications from accessing the web at certain times of the day.

·         It monitors and blocks malicious HTTP/HTTPS traffic to and from a web application.

·         It provides a means for businesses to monitor which web applications their users are accessing.

Question 5: Which statement about integrating FortiGuard Labs with FortiWeb is true?

·         FortiGuard Labs must be integrated with FortiGate first, before integrating with FortiWeb.

·         FortiGuard Labs is an optional feature that does not provide any benefits to FortiWeb.

·         FortiGuard Labs provides vital updates to FortiWeb about new threats.

·         FortiGuard Labs provides machine learning features to FortiWeb.

Question 6: In which two ways does machine learning help make modern web application firewalls more effective? (Choose two.)

·         It allows them to return search results quicker than using traditional filtering methods.

·         It allows them to adapt to the ever-changing attributes of threats.

·         It allows them to choose the most appropriate web application for a given task.

·         It allows them to perform behavior analysis at machine speed.

Question 7: Which two products can be integrated with FortiWeb? (Choose two.)

·         FortiPhone

·         FortiConnect

·         FortiGate

·         FortiFax

·         FortiSandbox

Question 8:Which action can a modern WAF do?

Select one:

·         Stop any user action should it exceed their network permissions

·         Survey the network and calculate a value to represent the security posture

·         Segment the network based on device type and user role

·         Connect all tools in the security stack into defined workflows

Question 9: Which three features are characteristics of the latest generation WAF? (Choose two.)

Select one or more:

·         SPU

·         DDoS defense

·         DLP

·         Network segmentation

·         IP reputation

Question 10:Which protocol traffic does a web application firewall (WAF) monitor?

Select one:

·         HTTP

·         CLNP

·         IP

·         TCP

Question 11: Which new feature characterized second-generation WAFs?

Select one:

·         Packet analysis

·         Machine learning without human supervision

·         Port and protocol blocking

·         Heuristics

Question 12:Which event was the motivation for web application firewall (WAFs)?

Select one:

·         The development of the hypertext transfer protocol

·         The debut of the World Wide Web

·         ARPANET was brought online

·         The first wide area network (WAN)

Question 13:Which firewall is positioned between a web application and the Internet?

Select one:

·         Packet filter firewall

·         Segmentation firewall

·         Web application firewall

·         Edge firewal