NSE 4 – FortiGate 6.4 — Question 46

Which three statements are true regarding session-based authentication? (Choose three.)

Answer options

• A. HTTP sessions are treated as a single user.
• B. IP sessions from the same source IP address are treated as a single user.
• C. It can differentiate among multiple clients behind the same source IP address.
• D. It requires more resources.
• E. It is not recommended if multiple users are behind the source NAT

Correct answer: A, C, D

Explanation

The correct answers are A, C, and D because session-based authentication treats HTTP sessions collectively as one user (A), can distinguish multiple clients sharing the same source IP address (C), and requires more resources due to the management of individual sessions (D). Options B and E are incorrect as they imply limitations that do not accurately represent the functionality of session-based authentication.