Refer to the exhibit.

You are a FortiWeb administrator reviewing the biometrics-based detection rule shown in the exhibit. Your goal is to configure a rule that detects bots that avoid typical human interactions like using a mouse or clicking. You also want to log the detection event and apply a high-severity alert.
Based on the current configuration, which settings should you change to meet this goal?
A large enterprise has an existing web infrastructure with complex routing rules and static IP address assignments. The network administrators cannot modify the current IP address scheme, but they need FortiWeb to inspect and block threats like SQL injection and cross-site scripting (XSS) without changing the client-server communication flow.
In this situation, which FortiWeb operation mode is the most suitable?
Refer to the exhibit.


A FortiWeb administrator is trying to enable policy-based traffic logging on FortiWeb but doesn’t see the traffic log option available in the server policy settings.
What is the most likely reason this option is not visible?
You are a FortiWeb administrator investigating an SQL injection attack on your company’s customer portal. The network firewall and intrusion prevention system (IPS) did not stop the attack.
You decide to deploy a web application firewall (WAF) to help prevent this type of attack.
Which two actions can you take to block application-layer threats? (Choose two.)
You are reviewing the FortiWeb integration with the Advanced Bot Protection (ABP) service.
Match each step in the ABP flow with its description.

You are hosting multiple secure web applications behind a single public IP address on FortiWeb.
When a client connects to a service, FortiWeb needs to:
Identify the correct SSL certificate.
Decrypt the request.
Route the request to the correct back-end server.
Match each FortiWeb function to the request handling step that performs the function.

You recently deployed two FortiWeb devices in an active-active (A-A) high availability (HA) cluster.
During routine maintenance, you want to confirm that the cluster is synchronizing the correct configuration areas and that both FortiWeb devices behave consistently in production.
As the FortiWeb administrator, which two configuration areas should you examine to verify that HA synchronization is functioning correctly? (Choose two.)