NSE 4 – FortiGate 5.4 — Question 39

What is a valid reason for using session based authentication instead of IP based authentication in a FortiGate web proxy solution?

Answer options

• A. Users are required to manually enter their credentials each time they connect to a different web site.
• B. Proxy users are authenticated via FSSO.
• C. There are multiple users sharing the same IP address.
• D. Proxy users are authenticated via RADIUS.

Correct answer: C

Explanation

Session-based authentication is ideal when multiple users share the same IP address, as it allows individual user sessions and credentials to be tracked. IP-based authentication would fail in this scenario since it cannot distinguish between different users behind a single IP. The other options do not address the issue of multiple users sharing an IP address.