Why does FortiGate keep TCP sessions in the session table for some seconds even after both sides (client and server) have terminated the session?
A. To remove the NAT operation.
B. To generate logs
C. To finish any inspection operations.
D. To allow for out-of-order packets that could arrive after the FIN/ACK packets.
“D”
When a session is closed by both sides, FortiGate keeps it in the session table for a few seconds more, to
allow any out-of-order packets that could arrive after the FIN/ACK packet. This is the state value 5.
FortiGate_Security_6.4_Study_Guide-Online pag 182
D is correct. See FortiGate_Security_6.2_Study_Guide-Online.pdf page 182
Answer D
Page 182 of 6.2 Study Guide
D