NSE 4 – FortiGate 7.0 — Question 65

Why does FortiGate keep TCP sessions in the session table for several seconds, even after both sides (client and server) have terminated the session?

Answer options

• A. To allow for out-of-order packets that could arrive after the FIN/ACK packets
• B. To finish any inspection operations
• C. To generate logs
• D. To remove the NAT operation

Correct answer: A

Explanation

The correct answer is A, as FortiGate holds onto TCP sessions temporarily to accommodate any out-of-order packets that may arrive after the session has been officially closed with FIN/ACK packets. The other options are incorrect because finishing inspection operations (B), generating logs (C), and removing NAT operations (D) do not explain the need to retain the session for handling out-of-order packets.