NSE 4 – FortiGate 6.4 — Question 111

An administrator has a requirement to keep an application session from timing out on port 80.
What two changes can the administrator make to resolve the issue without affecting any existing services running through FortiGate? (Choose two.)

Answer options

• A. Create a new firewall policy with the new HTTP service and place it above the existing HTTP policy.
• B. Set the session TTL on the HTTP policy to maximum.
• C. Create a new service object for HTTP service and set the session TTL to never.
• D. Set the TTL value to never under config system-ttl.

Correct answer: A, C

Explanation

Option A is correct because creating a new firewall policy ensures that existing services remain unaffected while allowing for the new session settings. Option C is also correct as setting the session TTL to never in a new service object will prevent timeouts. Options B and D do not provide a solution that avoids affecting existing services, as they either change the current policy or the entire system's TTL setting.