Which statement is true regarding administrative access to a VDOM with FortiGate?

The statement about specific admin scopes restricting configurations to the assigned VDOM is correct because FortiGate's Virtual Domains (VDOMs) feature is designed to allow segmentation of network resources, both for security and management purposes. Each VDOM operates as a separate entity, allowing for distinct configurations, policies, and administrative controls. When an administrator is assigned to a specific VDOM, their access and ability to make changes are confined to that particular VDOM. This means that configurations made by the administrator will not affect other VDOMs, thus providing a controlled and secure environment for managing different segments of the network independently.

The functioning of administrative access in VDOMs emphasizes the principle of least privilege, which enhances security by limiting what an administrator can do. This model helps organizations manage complex networks by delegating responsibilities to different administrators without granting them overarching control over the entire system.

Additionally, the other options do not accurately reflect how administrative access in VDOMs operates. For instance, while there may be limitations on certain configurations depending on the scope, administrators can manage DHCP servers and firewall addresses specific to their VDOMs if they are granted the necessary privileges. The concept of a hierarchy among VDOMs is more about logical separation than a barrier to administrative access,