Valid FCP_FGT_AD-7.4 Dumps shared by ExamDiscuss.com for Helping Passing FCP_FGT_AD-7.4 Exam! ExamDiscuss.com now offer the newest FCP_FGT_AD-7.4 exam dumps, the ExamDiscuss.com FCP_FGT_AD-7.4 exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com FCP_FGT_AD-7.4 dumps with Test Engine here:
Consider the topology: Application on a Windows machine <--{SSL VPN} -->FGT--> Telnet to Linux server. An administrator is investigating a problem where an application establishes a Telnet session to a Linux server over the SSL VPN through FortiGate and the idle session times out after about 90 minutes. The administrator would like to increase or disable this timeout. The administrator has already verified that the issue is not caused by the application or Linux server. This issue does not happen when the application establishes a Telnet connection to the Linux server directly on the LAN. What two changes can the administrator make to resolve the issue without affecting services running through FortiGate? (Choose two.)
Correct Answer: C,D
The key here is performing the task without affecting any of the other services. C. Create a new service object for TELNET and set the maximum session TTL: By creating a new service object specifically for TELNET and setting the maximum session TTL, you can control the idle session timeout for Telnet connections established through the SSL VPN. D. Create a new firewall policy and place it above the existing SSLVPN policy for the SSL VPN traffic, and set the new TELNET service object in the policy: Creating a new firewall policy and placing it above the existing SSLVPN policy allows you to apply the new TELNET service object with the modified session TTL, ensuring that the idle session timeout does not occur after 90 minutes. - Not A - Changing the maximum TTL value for TELNET will affect every other policy that references the TELNET service - Not B - Changing the session TTL on the SSLVPN policy will impact other services referenced in the policy.