Review the following configuration: https://kxbjsyuhceggsyvxdkof.supabase.co/storage/v1/object/public/file-images/FCP_FWB_AD-7.4/page_3_img_1.jpg What are two routing behaviors that you can expect on FortiWeb after this configuration change? (Choose two.)

Non-HTTP traffic routed through the FortiWeb is allowed.

Question 10 - Fortinet FCP_FWB_AD-7.4 Real Exam Questions [Jan 2026 Update]

Q: 10

Review the following configuration:

What are two routing behaviors that you can expect on FortiWeb after this configuration change? (Choose two.)

Options

Correct Answer:

A, C

Explanation

The screenshot displays the advanced routing settings on a FortiWeb appliance. The "Allow non-HTTP traffic" option is enabled. This feature configures the FortiWeb to function as a Layer 3 router for any traffic that is not HTTP or HTTPS. Consequently, non-web traffic passing through the appliance will be forwarded according to the routing table, not dropped.

However, this routing feature applies to transit traffic only. Traffic destined directly to a virtual server IP address is handled by the server policy. Since virtual servers are configured specifically for web protocols (HTTP/HTTPS), any non-HTTP traffic (like SSH, FTP, or ICMP) sent to the virtual server's IP will not match a configured service and will be dropped by the FortiWeb.

Why Incorrect

B. IPv6 routing is enabled.

This is incorrect. The screenshot clearly shows that the "Enable IPv6 Routing" checkbox is not selected, meaning this feature is disabled.

D. Only ICMP traffic is allowed. All other traffic is dropped.

This is incorrect. The "Allow non-HTTP traffic" setting permits all types of non-web traffic to be routed, not just ICMP. Furthermore, HTTP/HTTPS traffic to virtual servers is still processed.

References

1. FortiWeb 7.4 Administration Guide

Page 218

Section: "Static & dynamic routing".

The guide states: "Allow non-HTTP traffic: Enable to allow FortiWeb to forward non-HTTP/HTTPS traffic. When this option is enabled

FortiWeb acts as a layer-3 router for non-HTTP/HTTPS traffic and forwards it according to its routing table. When this option is disabled

FortiWeb drops all non-HTTP/HTTPS traffic." This directly supports answer A.

2. FortiWeb 7.4 Administration Guide

Page 218

Section: "Static & dynamic routing".

The guide also describes the "Enable IPv6 Routing" option

which is shown as disabled in the exhibit. This confirms that option B is incorrect.

3. FortiWeb 7.4 Administration Guide

Page 311

Section: "Configuring a server policy".

This section details the configuration of server policies

which includes defining virtual servers and the services they offer (e.g.

HTTP

HTTPS). It illustrates that a virtual server is bound to specific web protocols. Traffic of other protocols destined for the virtual server IP is not processed by the policy and is implicitly dropped

which supports answer C.

Premium Access Includes

FLASH OFFER

avail 10% DISCOUNT on YOUR PURCHASE