NSE 6 – FortiWeb 5.6/6.0 — Question 9

You've configured an authentication rule with delegation enabled on FortiWeb.
What happens when a user tries to access the web application?

Answer options

• A. FrotiWeb redirects users to a FortiAuthenticator page, then if the user authenticates successfully, FortiGate signals to FortiWeb to allow access to the web app
• B. ForitWeb redirects the user to the web app's authentication page
• C. FortiWeb forwards the HTTP challenge from the server to the client, then monitors the reply, allowing access if the user authenticates successfully
• D. FortiWeb replies with a HTTP challenge of behalf of the server, the if the user authenticates successfully, FortiWeb allows the request and also includes credentials in the request that it forwards to the web app

Correct answer: A

Explanation

The correct answer is A because with delegation enabled, FortiWeb first redirects the user to FortiAuthenticator for authentication. If the user successfully authenticates, FortiGate then communicates with FortiWeb to permit access to the web application. The other options do not accurately reflect the delegation process implemented by FortiWeb.