New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25

- Free Preparation Discussions

Fortinet FCP_FWB_AD-7.4 Exam - Topic 4 Question 1 Discussion

Actual exam question for Fortinet's FCP_FWB_AD-7.4 exam

Question #: 1
Topic #: 4

[All FCP_FWB_AD-7.4 Questions]

An administrator notices multiple IP addresses attempting to log in to an application frequently, within a short time period. They suspect attackers are attempting to guess user passwords for a secure application.

What is the best way to limit this type of attack on FortiWeb, while still allowing legitimate traffic through?

ABlocklist any suspected IPs.

BConfigure a brute force login custom policy.

CRate limit all connections from suspected IP addresses.

DBlock the IP address at the border router.

Show Suggested Answer

Suggested Answer: B

The best way to limit brute force login attacks on FortiWeb is to configure a brute force login custom policy. FortiWeb provides the ability to detect and mitigate brute force login attempts by automatically limiting the number of failed login attempts within a specific time period. This approach allows you to block or rate limit suspicious IP addresses while still allowing legitimate users access, based on your configuration.

by Ben at Mar 18, 2025, 12:08 PM

Limited Time Offer

25%

Off

Get Premium FCP_FWB_AD-7.4 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Jacquline

2 months ago

C could work, but it might affect legit users too.

upvoted 0 times

...

Luisa

2 months ago

Blocking at the border router? Seems a bit extreme, right?

upvoted 0 times

...

Sharen

2 months ago

I think B is the best option for handling brute force attacks.

upvoted 0 times

...

Clay

3 months ago

Wait, can you really blocklist IPs effectively?

upvoted 0 times

...

Tequila

3 months ago

Totally agree with B! Custom policies are key.

upvoted 0 times

...

Christiane

3 months ago

I feel like blocking at the border router could be too drastic. We should focus on the application layer instead.

upvoted 0 times

...

Jenelle

3 months ago

Rate limiting sounds familiar too; I think it could help manage the traffic without completely blocking legitimate users.

upvoted 0 times

...

Keshia

4 months ago

I'm not entirely sure, but blocking IPs could lead to false positives. We might need a more nuanced solution.

upvoted 0 times

...

Markus

4 months ago

I remember we discussed something about configuring custom policies for brute force attacks in class. That might be the right approach here.

upvoted 0 times

...

Ashton

4 months ago

Blocking at the border router might work, but that could impact legitimate traffic too. I'll focus on the FortiWeb-specific options.

upvoted 0 times

...

Jerilyn

4 months ago

I'm pretty confident this is a "Configure a brute force login custom policy" type of question. That seems like the most targeted solution.

upvoted 0 times

...

Portia

4 months ago

Okay, I've got a strategy. I think the best approach is to use a custom policy to rate limit the suspected IPs.

upvoted 0 times

...

Alease

5 months ago

Hmm, I'm a bit unsure about this. I'll need to review the details on how FortiWeb handles these types of attacks.

upvoted 0 times

...

Truman

5 months ago

This seems like a tricky one. I'll need to think through the different options carefully.

upvoted 0 times

...