NSE 7 — Enterprise Firewall — Question 63

An administrator is configuring application control with FortiGate running in next-generation firewall (NGFW) policy-based mode.

Which two actions must the administrator take? (Choose two.)

Answer options

• A. Configure the action as quarantine, if an application requires feedback to prevent instability.
• B. Configure central source network address translation (SNAT), if NAT is required.
• C. Create an application control profile and apply the profile to a firewall policy.
• D. Specify an SSLISSH inspection profile on a consolidated policy.

Correct answer: B, D

Explanation

The correct answers are B and D because configuring central source NAT is essential for proper network address translation when needed, and specifying an SSLISSH inspection profile ensures secure traffic is appropriately inspected. Options A and C are not required actions for configuring application control in this specific mode.