Exam Code: NSE6_FWB-6.4
Exam Name: Fortinet NSE 6 - FortiWeb 6.4
Vendor: Fortinet

A technician is fixing a very slow computer. Antivirus and Malware programs have been run, and some detections have been removed. After running Disk Cleanup, the system still seems to be slow, especially with multiple programs running. Which of the following should the technician do NEXT?
A. Go back to the latest restore point
B. Run defrag
C. Manually erase all cookies
Answer: B

Sara, the Chief Information Officer (CIO), has requested an audit take place to determine what services and operating systems are running on the corporate network. Which of the following should be used to complete this task?
A. Port scan and fingerprinting
B. Fuzzing and a port scan
C. Vulnerability scan and fuzzing
D. Fingerprinting and password crackers
Answer: A
Different services use different ports. When a service is enabled on a computer, a network port is opened for that service. For example, enabling the HTTP service on a web server will open port 80 on the server. By determining which ports are open on a remote server, we can determine which services are running on that server.
A port scanner is a software application designed to probe a server or host for open ports.
This is often used by administrators to verify security policies of their networks and by attackers to identify running services on a host with the view to compromise it.
A port scan or portscan can be defined as a process that sends client requests to a range of server port addresses on a host, with the goal of finding an active port. While not a nefarious process in and of itself, it is one used by hackers to probe target machine services with the aim of exploiting a known vulnerability of that service. However the majority of uses of a port scan are not attacks and are simple probes to determine services available on a remote machine.
Fingerprinting is a means of ascertaining the operating system of a remote computer on a network. Fingerprinting is more generally used to detect specific versions of applications or protocols that are run on network servers. Fingerprinting can be accomplished "passively" by sniffing network packets passing between hosts, or it can be accomplished "actively" by transmitting specially created packets to the target machine and analyzing the response

To ensure proper evidence collection, which of the following steps should be preformed FIRST?
A. Capture the system image
B. Review logs
C. Take hashes from the live system
D. Copy all compromised files
Answer: A

Click the Exhibit button. What is the result?

A. Compilation fails because of an error in line 17.
B. go in Goban go in Sente
C. go in Sente go in Goban
D. go in Goban go in Sente
Answer: C

