NSE 4 – FortiGate 6.2 — Question 56
Why does FortiGate keep TCP sessions in the session table for several seconds, even after both sides (client and server) have terminated the session?
Answer options
- A. To generate logs
- B. To remove the NAT operation
- C. To finish any inspection operations
- D. To allow for out-of-order packets that could arrive after the FIN/ACK packets
Correct answer: D
Explanation
The correct answer is D: FortiGate keeps the session entry in the session table for several seconds after both sides have closed the connection so that late-arriving, out-of-order packets belonging to that TCP session can still be handled, ensuring that no data is lost. Option A is incorrect because logging is not the primary reason for maintaining the session. Option B is incorrect because NAT operations do not require extended session retention. Option C does not apply because inspection operations can often be concluded without keeping the session open.