Fortinet Exam NSE7_OTS-7.2 Topic 3 Question 32 Discussion

Actual exam question for Fortinet's NSE7_OTS-7.2 exam

Question #: 32
Topic #: 3

Which three criteria can a FortiGate device use to look for a matching firewall policy to process traffic? (Choose three.)

AServices defined in the firewall policy.

BSource defined as internet services in the firewall policy

CLowest to highest policy ID number

DDestination defined as internet services in the firewall policy

EHighest to lowest priority defined in the firewall policy

Show Suggested Answer

Suggested Answer: A, D, E

The three criteria that a FortiGate device can use to look for a matching firewall policy to process traffic are:

A) Services defined in the firewall policy - FortiGate devices can match firewall policies based on the services defined in the policy, such as HTTP, FTP, or DNS.

D) Destination defined as internet services in the firewall policy - FortiGate devices can also match firewall policies based on the destination of the traffic, including destination IP address, interface, or internet services.

E) Highest to lowest priority defined in the firewall policy - FortiGate devices can prioritize firewall policies based on the priority defined in the policy. The device will process traffic against the policy with the highest priority first and move down the list until it finds a matching policy.

Fortinet NSE 7 - Enterprise Firewall 6.4 Study Guide, Chapter 4: Policy Implementation, page 4-18.

by Detra at Apr 04, 2025, 10:41 AM

Limited Time Offer

25%

Off

Get Premium NSE7_OTS-7.2 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Irving

2 days ago

A, C, and E. Gotta love those firewall policies! I'm always squinting at those policy IDs, trying to keep them straight.

upvoted 0 times

...