You notice that memory usage is high and FortiGate has entered conserve mode. You want FortiGate’s IPS
engine to focus only on exploits and attacks that are applicable to your specific network.
Which two steps would you take to reduce RAM usage without weakening security? (Choose two.)
Configure IPS to pass files that are larger than a specific threshold, instead of buffering and scanning
Reduce the size of the signature three (filters) that FortiGate must search by disabling scans for
applications and OS stacks that do not exist on your network.
Disable application control for protocols that are not used on your network.
Disable IPS for traffic destined for the FortiGate itself.
2 Comments on “Which two steps would you take to reduce RAM usage with…”
I think this should be A and B.
Answer B is good, but… Answer D is not. You don’t apply IPS for traffic destined to the FortiGate itself. Even if you could, the only traffic destined to the FortiGate would be mgmt traffic, routing traffic and the like.
Answer C is better because App Ctrl uses IPS engine and reducing the App Ctrl signatures will lesson load on IPS.
Answer A is wrong because IPS has no such settings, or any need for them.