FCP – FortiGate Administrator 7.6 — Question 78
A FortiGate firewall policy is configured with active authentication, however, the user cannot authenticate when accessing a website.
Which protocol must FortiGate allow even though the user cannot authenticate?
Answer options
- A. LDAP
- B. TACASC+
- C. Kerberos
- D. DNS
Correct answer: D
Explanation
The FortiGate firewall must allow DNS traffic to ensure that the user can resolve domain names to IP addresses, which is essential for accessing websites. The other options, LDAP, TACASC+, and Kerberos, are related to authentication processes and are not necessary for basic web access when a user is not authenticated.