| Exam Code/Number: | NSE5_FWB_AD-8.0Join the discussion |
| Exam Name: | Fortinet NSE 5 - FortiWeb 8.0 Administrator |
| Certification: | Fortinet |
| Question Number: | 38 |
| Publish Date: | Jul 15, 2026 |
|
Rating
100%
|
|
You are reviewing a report from your FortiWeb logs and notice a JavaScript payload like < script > document.
cookie < /script > is submitted through a product review form. The page doesn't filter the script, and when users view the review, their session cookies are exposed.
Why is this attack dangerous?
You are a FortiWeb administrator investigating an SQL injection attack on your company's customer portal.
The network firewall and intrusion prevention system (IPS) did not stop the attack.
You decide to deploy a web application firewall (WAF) to help prevent this type of attack.
Which two actions can you take to block application-layer threats? (Choose two.)
FortiWeb is blocking groups of users behind your load balancer. In the logs, all users show the same source IP address.
Which action should you take to restore proper client identification?
Refer to the exhibit.

A FortiWeb administrator tests a new form input value after training the machine learning (ML) anomaly detection system.
The hidden Markov model (HMM) flags the input as abnormal, while the support vector machine (SVM) model classifies it as normal. FortiWeb allows the request.
What does this result indicate about the FortiWeb ML anomaly detection behavior?
Refer to the exhibit.

A FortiWeb administrator is trying to enable policy-based traffic logging on FortiWeb but doesn't see the traffic log option available in the server policy settings.
What is the most likely reason this option is not visible?