NSE 4 – FortiGate 7.0 — Question 88
An administrator has a requirement to keep an application session from timing out on port 80.
What two changes can the administrator make to resolve the issue without affecting any existing services running through FortiGate? (Choose two.)
Answer options
- A. Set the TTL value to never under config system-ttl.
- B. Create a new firewall policy with the new HTTP service and place it above the existing HTTP policy.
- C. Create a new service object for HTTP service and set the session TTL to never.
- D. Set the session TTL on the HTTP policy to maximum.
Correct answer: B, C
Explanation
The correct answers B and C allow for the creation of new configurations specifically for the HTTP service without interfering with existing policies. Option A is incorrect because changing the TTL value in config system-ttl affects all sessions, and option D is not a valid solution since setting session TTL to maximum does not resolve the timeout issue.