NSE 4 – FortiGate 6.2 — Question 46

Which three types of traffic and attacks can be blocked by a web application firewall (WAF) profile? (Choose three.)

Answer options

• A. Server information disclosure attacks
• B. Traffic to botnet servers
• C. Credit card data leaks
• D. Traffic to inappropriate web sites
• E. SQL injection attacks

Correct answer: A, C, E

Explanation

The correct answers are A, C, and E because a web application firewall is designed to protect against specific application layer attacks such as SQL injection and data leaks. Option B, while related to security, pertains more to network security and is not typically addressed by a WAF. Option D does not fall under the typical scope of a WAF's primary functions.