A multi-VDOM FortiGate is running low on memory. The administrator suspects that the management VDOM is consuming excessive resources. How can the administrator limit the memory usage of the management VDOM?
Why this answer
Option B is correct because FortiGate VDOM resource limits allow an administrator to set a specific memory cap for each VDOM, including the management VDOM. By enabling VDOM resource limits and configuring a memory cap, the management VDOM is prevented from consuming excessive memory, ensuring fair resource allocation across all VDOMs. This is the only option that directly limits memory usage at the VDOM level without requiring hardware changes or disabling features.
Exam trap
The trap here is that candidates may think disabling unused features (Option D) is sufficient to limit memory usage, but FortiGate's VDOM resource limits provide a hard enforcement mechanism that is the only way to guarantee a VDOM does not exceed a specified memory threshold.
How to eliminate wrong answers
Option A is wrong because converting the management VDOM to a traffic VDOM does not impose any memory limit; it merely changes the VDOM's role, which does not address excessive memory consumption. Option C is wrong because moving the management VDOM to a separate physical FortiGate is an expensive and unnecessary hardware solution that does not leverage the built-in resource management capabilities of the existing device. Option D is wrong because disabling unused features may reduce memory usage but does not guarantee a hard limit; the management VDOM could still consume excessive memory from enabled features, and this approach lacks the precision and enforcement of a configured memory cap.