Which two components must be configured on FortiSASE to resolve internal hostnames using internal DNS servers?

The selection of Split DNS rules and Split tunneling destinations is essential for resolving internal hostnames using internal DNS servers within the FortiSASE environment.

Split DNS rules enable the differentiation between queries that should be directed to internal DNS servers versus those that should be sent to external DNS servers. This ensures that when an endpoint connected to FortiSASE attempts to resolve an internal hostname, it is directed to the appropriate internal DNS server, thereby allowing the correct resolution of internal network resources.

On the other hand, Split tunneling destinations are critical in defining which traffic should go through the secure tunnel to FortiSASE and which should go directly to the internet or other intended destinations. This allows traffic meant for internal resources to be handled appropriately, ensuring that the internal DNS queries are processed without being exposed to the public internet, thus maintaining security and efficiency.

The other options do not align with the specific requirement of configuring FortiSASE for internal hostname resolution. Components like authentication servers and traffic shaping rules focus on login and bandwidth management rather than DNS resolution. Access control lists deal with permissions for resources, while firewall settings and VPN types manage traffic flow and security but do not specifically cater to DNS resolution frameworks.