01. When configuring SSL offloading or inspection, which two certificate-related tasks are commonly needed on FortiWeb?
(Choose two.)
a) Upload/import the relevant server certificate (and key) used for the protected name
b) Disable TLS entirely between FortiWeb and the backend servers
c) Replace the backend server’s OS trust store with FortiWeb’s trust store
d) Configure multi-certificate selection when multiple hostnames/certs are required

02. In an Active-Passive HA pair, what triggers the passive unit to take over traffic?
a) The passive unit receives more HTTP requests than the active unit
b) The passive unit detects a new FortiGuard signature update
c) The heartbeat indicates the active unit is down or unavailable
d) The administrator imports a new certificate on the passive unit

03. Which two log types commonly feed FortiWeb reports and investigation workflows?
(Choose two.)
a) Attack logs
b) Traffic logs
c) BIOS logs
d) GPU driver logs

04. An e-commerce site reports credential stuffing on /login. Which FortiWeb feature is the best immediate fit?
a) Configure HA heartbeat timers
b) Disable HTTPS offloading
c) Disable signatures to reduce CPU load
d) Bot mitigation policy applied to the login URL

05. Which two capabilities describe how FortiAI assists with FortiWeb log investigation?
(Choose two.)
a) Auto-generate server policies and deploy them without review
b) Analyze and summarize logs in Attack/Traffic/Event log views
c) Provide an “Analyze with AI” action on individual attack log entries
d) Replace the need to enable logging on FortiWeb

06. In FortiWeb, why is caching typically enabled for static objects (images, CSS, JS) in high-traffic applications?
a) To automatically block SQL injection on POST requests
b) To reduce repeated backend fetches and lower server load
c) To enforce MFA for all client sessions
d) To generate PCI compliance reports automatically

07. During initial troubleshooting, which two actions align best with FortiWeb’s recommended approach?
(Choose two.)
a) Change operation mode immediately to “test a theory”
b) Disable all protections first, then review logs later
c) Validate backend connectivity/health status from FortiWeb
d) Reproduce the issue and capture logs around the incident window

08. Which FortiWeb feature is specifically used to check web applications for vulnerabilities as part of compliance/security hygiene?
a) Web vulnerability scan
b) HA synchronization
c) SSL offloading
d) Caching/acceleration

09. Your design requires deploying FortiWeb inline without changing client DNS to point at a proxy address. Which two deployment characteristics align best with transparent modes?
(Choose two.)
a) FortiWeb can operate only as a passive sniffer in transparent mode
b) Operational considerations differ from reverse proxy (networking/feature support)
c) FortiWeb must always present its own certificate to clients for all HTTPS sessions
d) Inline traffic flow where FortiWeb inspects traffic as it passes through

10. Some FortiWeb DoS protections rely on tracking client requests. Which feature category supports that tracking?
a) HA heartbeat used to track active elections
b) Report scheduling used to track monthly exports
c) Client management used to track request behavior
d) Certificate store used to track key usage