NSE 7 – Network Security Architect — Question 4
A FortiGate's port1 is connected to a private network. Its port2 is connected to the Internet. Explicit web proxy is enabled on port1 and only explicit web proxy users can access the Internet. Web cache is NOT enabled. An internal web proxy user is downloading a file from the Internet via HTTP. Which statements are true regarding the two entries in the FortiGate session table related to this traffic? (Choose two.)
Answer options
- A. Both sessions have the local flag on.
- B. The destination IP addresses of both sessions are IP addresses assigned to FortiGate's interfaces.
- C. One session has the proxy flag on, the other one does not.
- D. One of the sessions has the IP address of port2 as the source IP address.
Correct answer: B, C
Explanation
Option B is correct because the destination IP addresses of both sessions are indeed the IP addresses of FortiGate's interfaces. Option C is also correct since one session will have the proxy flag enabled due to the explicit web proxy, while the other session will not have that flag. The other options are incorrect as they do not accurately reflect the behavior of sessions in this configuration.