Prepare for the Fortinet NSE 5 - FortiWeb 8.0 Administrator exam with our extensive collection of questions and answers. These practice Q&A are updated according to the latest syllabus, providing you with the tools needed to review and test your knowledge.
QA4Exam focus on the latest syllabus and exam objectives, our practice Q&A are designed to help you identify key topics and solidify your understanding. By focusing on the core curriculum, These Questions & Answers helps you cover all the essential topics, ensuring you're well-prepared for every section of the exam. Each question comes with a detailed explanation, offering valuable insights and helping you to learn from your mistakes. Whether you're looking to assess your progress or dive deeper into complex topics, our updated Q&A will provide the support you need to confidently approach the Fortinet NSE5_FWB_AD-8.0 exam and achieve success.
Refer to the exhibit.

You are a FortiWeb administrator reviewing the biometrics-based detection rule shown in the exhibit. Your goal is to configure a rule that detects bots that avoid typical human interactions like using a mouse or clicking. You also want to log the detection event and apply a high-severity alert.
Based on the current configuration, which settings should you change to meet this goal?
The goal is to detect bots that avoid normal human interaction, specifically mouse use and clicking, while logging the event and treating it as high severity. In FortiWeb biometrics-based bot detection, monitored client events such as mouse movement, click, keyboard, screen touch, page focus, and scroll help FortiWeb distinguish human behavior from automated behavior. Since the question specifically mentions mouse and clicking, the correct monitored events are Mouse Movement and Click. The current action is Deny (no log), which would not meet the logging requirement. Changing the action to Alert logs the event instead of silently denying it, and setting severity to High aligns with the requirement for a high-severity alert.
================
A FortiWeb administrator wants to create a machine learning (ML)-based bot detection system.
Which three actions must the administrator take to build and activate this ML model? (Choose three.)
FortiWeb machine learning protection depends on observed application traffic. The administrator must first collect traffic samples so FortiWeb can learn normal behavior and create a useful baseline. After sample collection, FortiWeb uses the collected data to build the detection model. Once the model is built, it must be enabled or run in the live environment so FortiWeb can evaluate production requests and detect abnormal or bot-like behavior. Manual verification on test data only is not enough to activate the model for real traffic. Bayesian analysis is not the FortiWeb configuration step shown for this process; the platform handles model logic internally. The practical workflow is collection, model building, and live enforcement or detection.
================
How should a FortiWeb administrator configure behavior-based bot detection to identify traffic from nonhuman users?
FortiWeb bot mitigation is designed to distinguish automated clients from real human users by evaluating request behavior and browser interaction signals. Request-rate limits help detect automation patterns such as excessive requests over a short period, while mouse movement tracking is a behavioral or biometric-style control that helps confirm whether a browser session is being operated by a human. Blocking all unknown devices is too aggressive and would create major false positives. Disabling JavaScript for anonymous users would actually weaken behavior collection because FortiWeb uses JavaScript-based techniques in some bot workflows. Login-failure IP blocklists help against credential attacks, but they do not broadly identify nonhuman users. Therefore, request limits plus mouse movement tracking is the best answer.
================
A FortiWeb administrator sees the following request:
GET /api/v1/data HTTP/1.1 Host: example.com Authorization: ApiKey abc123def456
The API key belongs to a user in group B who is authorized to access only /api/v1/reports.
What should the administrator do to prevent this unauthorized access?
The problem is not that the API key is invalid; the key belongs to a real user. The issue is authorization scope: group B is allowed only to access /api/v1/reports, but the request targets /api/v1/data. The correct FortiWeb control is API gateway rule enforcement using API key verification and API user grouping. FortiWeb can restrict API access by user group, sub-URL, API key verification, and configured violation actions. Blocking the endpoint for every group is too broad, moving the user to another group grants unnecessary privilege, and allowing all API keys to access all endpoints destroys endpoint-level authorization. The correct fix is group-based access control on /api/v1/data.
================
Your team is spending too much time digging through FortiWeb logs to investigate threats.
How can FortiAI improve this workflow?
FortiAI improves investigation workflow by helping administrators interpret FortiWeb activity using natural language. Instead of manually reviewing many raw log entries, administrators can ask FortiAI questions about recent events, blocked requests, attack patterns, or policy behavior and receive a readable explanation. This helps reduce investigation time and makes troubleshooting faster, especially when reviewing attack logs, event logs, and traffic context. FortiAI does not disable logging; that would reduce visibility. It also does not replace FortiGuard updates, which remain important for signatures, reputation, and threat intelligence. Blocking malicious IP addresses automatically is a security action handled through FortiWeb policies and protections, not the primary FortiAI workflow benefit. The best answer is natural-language event explanation.
================
Full Exam Access, Actual Exam Questions, Validated Answers, Anytime Anywhere, No Download Limits, No Practice Limits
Get All 36 Questions & Answers