NSE 6 – FortiWeb 5.6/6.0 — Question 6
An e-commerce web app is used by small businesses. Clients often access it from offices behind a router, where clients are on an IPv4 private network LAN. You need to protect the web application from denial of service attacks that use request floods.
What FortiWeb feature should you configure?
Answer options
- A. Enable "Shared IP" and configure the separate rate limits for requests from NATted source IPs.
- B. Configure FortiWeb to use "X-Forwarded-For:" headers to find each client's private network IP, and to block attacks using that.
- C. Enable SYN cookies.
- D. Configure a server policy that matches requests from shared Internet connections.
Correct answer: B
Explanation
The correct answer is B: configuring FortiWeb to read the "X-Forwarded-For:" header lets it identify each original client IP address behind the router's NAT, so that rate-based blocking is applied per client rather than to the single shared public address. Options A and D do not adequately address the need to identify individual client IPs in a NAT environment, while C (SYN cookies) counters TCP SYN floods and is not designed to mitigate application-layer request floods.