ExamGecko
Search Search Login
Home Home / Fortinet / NSE4_FGT-7.2
Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

What are two characteristics of FortiGate HA cluster virtual IP addresses? (Choose two.)
Which two statements are correct regarding FortiGate HA cluster virtual IP addresses? (Choose two.)
Which two statements are correct about NGFW Policy-based mode? (Choose two.)
An administrator configures FortiGuard servers as DNS servers on FortiGate using default settings. What is true about the DNS connection to a FortiGuard server?
If the Issuer and Subject values are the same in a digital certificate, which type of entity was the certificate issued to?
Which of the following are valid actions for FortiGuard category based filter in a web filter profile ui proxy-based inspection mode? (Choose two.)
Which statements about the firmware upgrade process on an active-active HA cluster are true? (Choose two.)
If Internet Service is already selected as Source in a firewall policy, which other configuration objects can be added to the Source filed of a firewall policy?
Which two statements are correct about SLA targets? (Choose two.)
Which of the following conditions must be met in order for a web browser to trust a web server certificate signed by a third-party CA?

Question 52 - NSE4_FGT-7.2 discussion

Report
Export

An administrator has configured a strict RPF check on FortiGate. Which statement is true about the strict RPF check?

A.
The strict RPF check is run on the first sent and reply packet of any new session.
Answers
A.
The strict RPF check is run on the first sent and reply packet of any new session.
B.
Strict RPF checks the best route back to the source using the incoming interface.
Answers
B.
Strict RPF checks the best route back to the source using the incoming interface.
C.
Strict RPF checks only for the existence of at least one active route back to the source using the incoming interface.
Answers
C.
Strict RPF checks only for the existence of at least one active route back to the source using the incoming interface.
D.
Strict RPF allows packets back to sources with all active routes.
Answers
D.
Strict RPF allows packets back to sources with all active routes.
Suggested answer: B

Explanation:

Strict Reverse Path Forwarding (RPF) is a security feature that is used to detect and prevent IP spoofing attacks on a network. It works by checking the routing information for incoming packets to ensure that they are coming from the source address that is indicated in the packet's header. In strict RPF mode, the firewall will check the best route back to the source of the incoming packet using the incoming interface. If the packet's source address does not match the route back to the source, the packet is dropped. This helps to prevent attackers from spoofing their IP address and attempting to access the network.

Show Answer
asked 18/09/2024
Rannie Dayapan
42 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms