An administrator needs to ensure that a firewall policy applies only during business hours (Monday to Friday, 9:00 AM to 6:00 PM). What object should be configured and applied to the policy?
Schedule objects define when a policy is active.
Why this answer
A schedule object in FortiGate defines time-based conditions (e.g., recurring weekly windows like Monday–Friday 09:00–18:00) that can be applied directly to a firewall policy. When a schedule is attached, the policy is enforced only during the specified time range, making it the correct object for restricting policy activation to business hours.
Exam trap
The trap here is that candidates confuse a schedule object with a service group or traffic shaper, mistakenly thinking time-based access can be achieved via port grouping or QoS policies, whereas FortiGate explicitly requires a schedule object for time-of-day policy enforcement.
How to eliminate wrong answers
Option A is wrong because a service group is used to group multiple protocol/port definitions (e.g., TCP/80, TCP/443) for application-layer matching, not for time-based enforcement. Option B is wrong because an address group aggregates IP addresses or FQDN objects for source/destination matching, not for controlling when a policy is active. Option D is wrong because a traffic shaper controls bandwidth allocation and QoS (e.g., guaranteed/ maximum bandwidth), not the temporal activation of a firewall policy.