What action can FortiGate take when detecting a blocked application?

When FortiGate detects a blocked application, it can log the event and then take action on the session associated with that application. Specifically, the system has the ability to either drop the session, which means the data packets associated with that session are discarded, or reset the session, which involves terminating the connection and signaling the endpoints that the session has been interrupted. This dual capability allows for effective management of potentially harmful traffic while ensuring that the network remains secure.

Logging the event is crucial for keeping track of what types of applications are being monitored and blocked, helping administrators to analyze traffic patterns and potential threats. The option to drop or reset the session provides immediate action against unwanted or malicious activity, protecting the network in real-time.

The other options either do not encompass the full range of actions available (such as notifying users or temporarily blocking all traffic) or do not reflect the specific capabilities of FortiGate in handling blocked applications, which specifically includes managing the session itself.