Fortinet
NSE4 · Question #510
NSE4 Question #510: Real Exam Question with Answer & Explanation
The correct answer is B: FortiGate will drop the packets and not respond. If an administrator attempts to manage a FortiGate from an IP address not configured as a trusted host, the device will silently drop the connection.
Submitted by khalil_dz · Apr 18, 2026 · FortiGate Deployment and System Configuration
Question
When an administrator attempts to manage FortiGate from an IP address that is not a trusted host, what happens?
Options
- A. FortiGate will still subject that person's traffic to firewall policies; it will not bypass them.
- B. FortiGate will drop the packets and not respond.
- C. FortiGate responds with a block message, indicating that it will not allow that person to log in.
- D. FortiGate responds only if the administrator uses a secure protocol. Otherwise, it does not
Explanation
If an administrator attempts to manage a FortiGate from an IP address not configured as a trusted host, the device will silently drop the connection.
Common mistakes.
- A. The trusted host setting specifically controls management access and takes precedence over regular firewall policies for management connections, so it does not subject these attempts to general policies.
- C. FortiGate does not respond with a block message; instead, it drops the packets silently as a security measure to avoid indicating its presence or configuration to an unauthorized party.
- D. The trusted host configuration applies regardless of the protocol's security; if the source IP is untrusted, management access is blocked, whether secure (HTTPS) or insecure (HTTP).
Concept tested. FortiGate trusted host management security
Reference. https://docs.fortinet.com/document/fortigate/7.4.0/administration-guide/184232/trusted-hosts
Topics
#Administrative Access #Trusted Hosts #Security Features #FortiGate Management