NSE 7 – OT Security 6.4 — Question 24
Which three criteria can a FortiGate device use to look for a matching firewall policy to process traffic? (Choose three.)
Answer options
- A. Services defined in the firewall policy.
- B. Source defined as internet services in the firewall policy
- C. Lowest to highest policy ID number
- D. Destination defined as internet services in the firewall policy
- E. Highest to lowest priority defined in the firewall policy
Correct answer: A, B, D
Explanation
The correct options A, B, and D relate directly to the characteristics of the firewall policy that FortiGate evaluates to match traffic. Option C is incorrect because policy ID number does not determine the matching process, and option E is incorrect since the priority defined in the firewall policy does not influence the matching criteria.