ExamGecko
Search Search Login
Home Home / Fortinet / NSE4_FGT-7.2
Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

What are two characteristics of FortiGate HA cluster virtual IP addresses? (Choose two.)
Which two statements are correct regarding FortiGate HA cluster virtual IP addresses? (Choose two.)
Which two statements are correct about NGFW Policy-based mode? (Choose two.)
An administrator configures FortiGuard servers as DNS servers on FortiGate using default settings. What is true about the DNS connection to a FortiGuard server?
If the Issuer and Subject values are the same in a digital certificate, which type of entity was the certificate issued to?
Which of the following are valid actions for FortiGuard category based filter in a web filter profile ui proxy-based inspection mode? (Choose two.)
Which statements about the firmware upgrade process on an active-active HA cluster are true? (Choose two.)
Which two statements are correct about SLA targets? (Choose two.)
If Internet Service is already selected as Source in a firewall policy, which other configuration objects can be added to the Source filed of a firewall policy?
Which of the following conditions must be met in order for a web browser to trust a web server certificate signed by a third-party CA?

Question 174 - NSE4_FGT-7.2 discussion

Report
Export

Which two statements describe how the RPF check is used? (Choose two.)

A.
The RPF check is a mechanism that protects FortiGate and the network from IP spoofing attacks.
Answers
A.
The RPF check is a mechanism that protects FortiGate and the network from IP spoofing attacks.
B.
The RPF check is run on the first sent and reply packet of any new session.
Answers
B.
The RPF check is run on the first sent and reply packet of any new session.
C.
The RPF check is run on the first sent packet of any new session.
Answers
C.
The RPF check is run on the first sent packet of any new session.
D.
The RPF check is run on the first reply packet of any new session.
Answers
D.
The RPF check is run on the first reply packet of any new session.
Suggested answer: A, C

Explanation:

FortiGate Infrastructure 7.2 Study Guide (p.41): 'The RPF check is a mechanism that protects FortiGate and your network from IP spoofing attacks by checking for a return path to the source in the routing table.' 'FortiGate performs an RPF check only on the first packet of a new session. That is, after the first packet passes the RPF check and FortiGate accepts the session, FortiGate doesn't perform any additional RPF checks on that session.'

A) The RPF check is a mechanism that protects FortiGate and the network from IP spoofing attacks.

This is true because the RPF check verifies that the source IP address of an incoming packet matches the reverse route for that address, meaning that the packet came from a legitimate source and not from an attacker who is trying to impersonate another host. This prevents IP spoofing attacks, where an attacker sends packets with a forged source IP address to bypass security policies or launch denial-of-service attacks1

C) The RPF check is run on the first sent packet of any new session.

This is true because the RPF check is performed only once per session, on the first packet sent by either the client or the server, depending on the direction of the session initiation. This reduces the processing overhead and improves performance2

Show Answer
asked 18/09/2024
Lakshmi Yechuri
40 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms