NSE 4 – FortiGate 6.0 — Question 35

Which statement is true regarding SSL VPN timers? (Choose two.)

Answer options

• A. Allow to mitigate DoS attacks from partial HTTP requests.
• B. SSL VPN settings do not have customizable timers.
• C. Disconnect idle SSL VPN users when a firewall policy authentication timeout occurs.
• D. Prevent SSL VPN users from being logged out because of high network latency.

Correct answer: A, D

Explanation

Option A is correct because SSL VPN timers can be configured to help protect against DoS attacks related to partial HTTP requests. Option D is also correct as it addresses the issue of network latency not causing user disconnections. Options B and C are incorrect since SSL VPN settings do allow for customizable timers and idle users can be disconnected based on firewall policy settings.