FCP – FortiWeb Administrator 7.4 — Question 3

An attacker attempts to send an SQL injection attack containing the known attack string 'root'; -- through an API call.
Which FortiWeb inspection feature will be able to detect this attack the quickest?

Answer options

• A. API gateway rule
• B. Known signatures
• C. Machine learning (ML)-based API protection—anomaly detection
• D. ML-based API protection—threat detection

Correct answer: B

Explanation

The 'Known signatures' feature is specifically designed to identify known attack patterns quickly, including SQL injection strings like 'root'; --. In contrast, the other options, while effective, either focus on different types of detection or rely on learning patterns over time, making them slower in recognizing established threats.