An administrator needs to restrict inter-VDOM traffic between two VDOMs on a FortiGate. Which TWO configurations are required?
Policies are necessary to control traffic flow.
Why this answer
Option A is correct because inter-VDOM traffic on a FortiGate is controlled by firewall policies within each VDOM. By creating policies in each VDOM that specify the VDOM link as the interface, the administrator can explicitly allow or deny traffic between the VDOMs, enforcing security boundaries. Without these policies, traffic would be implicitly denied by the default firewall behavior.
Exam trap
The trap here is that candidates often assume inter-VDOM routing requires a global enablement or IP addressing on the VDOM link, but FortiGate handles this automatically, and the key requirement is the firewall policies to enforce restrictions.