NSE4 Question #280: Real Exam Question with Answer & Explanation

Question

Which of the following statements is correct about configuring web filtering overrides?

Options

• AThe Override option for FortiGuard Web Filtering is available for any user group type.
• BAdmin overrides require an administrator to manually allow pending override requests which are
• CThe Override Scopes of User and User Group are only for use when Firewall Policy
• DUsing Web Filtering Overrides requires the use of Firewall Policy Authentication.

Explanation

Web filtering overrides with a scope of 'User' or 'User Group' require Firewall Policy Authentication to identify the individual user or group for proper application.

Common mistakes.

• A. The Override option for FortiGuard Web Filtering is not available for 'any' user group type; it typically requires authenticated users or specific user group definitions.
• B. While some systems might involve manual approval, FortiGate web filtering overrides can be configured for direct application without a pending request requiring an administrator to manually allow each one.
• D. While Firewall Policy Authentication is crucial for User/User Group scoped overrides, it's not strictly required for all web filtering overrides; for example, a simple URL pattern override can be applied globally without user authentication.

Concept tested. FortiGate Web Filtering Overrides and authentication requirements

Reference. https://docs.fortinet.com/document/fortigate/7.4.0/administration-guide/501728/web-filter-overrides

No community discussion yet for this question.