NSE 7 – Enterprise Firewall 6.2 — Question 21

What does the dirty flag mean in a FortiGate session?

Answer options

• A. The session must be removed from the former primary unit after an HA failover.
• B. Traffic has been blocked by the antivirus inspection.
• C. Traffic has been identified as from an application that is not allowed.
• D. The next packet must be re-evaluated against the firewall policies.

Correct answer: D

Explanation

The dirty flag indicates that the next packet in the session should undergo re-evaluation against the firewall policies to ensure compliance with current rules. Option A relates to session management during HA failover, which is not relevant to the dirty flag. Option B pertains to antivirus actions, and option C refers to application restrictions, both of which do not describe the function of the dirty flag.