An administrator has a requirement to keep an application session from timing out on port 80. What two changes can the administrator make to resolve the issue without affecting any existing services running through FortiGate? (Choose two.)
A.
Set the TTL value to never under config system-ttl.
B.
Create a new firewall policy with the new HTTP service and place it above the existing HTTP policy.
C.
Create a new service object for HTTP service and set the session TTL to never.
D.
Set the session TTL on the HTTP policy to maximum.
key is: without affecting any existing services
So define new service on TCP80 with no session-ttl expire. Make new FW policy and place above other HTTP policy
Just a new HTTP service and policy above the existing one will not change anything without the session-ttl set to never or increased to max. CD seems like the most correct out of these.
I would go with B and C
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Session-timeout-settings/ta-p/191228
upvoted 2 times
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
nomeursy
Highly Voted 9 months, 4 weeks agoh0p3l3ss
Highly Voted 10 months, 2 weeks agoBabnav
10 months, 1 week agoPabloSL
7 months, 1 week agoAngraMainyu
9 months, 1 week agoBombast
Most Recent 3 months agoPower_Shell
10 months, 1 week ago