FortiGate's Routing and Monitoring
30 Questions
0 Views

Choose a study mode

Play Quiz
Study Flashcards
Spaced Repetition
Chat to lesson

Podcast

Play an AI-generated podcast conversation about this lesson

Questions and Answers

Which protocol state value indicates that the TCP three-way handshake is completed?

  • 2
  • 11 (correct)
  • 1
  • 0
  • What does the log flag indicate?

  • The session originates from FortiGate
  • The session is flagged as dirty
  • The session requires authentication
  • The session is being logged (correct)
  • Which type of NAT is indicated in the portion that shows the type of NAT?

  • Source
  • Destination
  • Both source and destination (correct)
  • None of the above
  • What does sdwan_service_id equal to 0 indicate?

    <p>The session matched the SD-WAN implicit rule</p> Signup and view all the answers

    What does the ndr flag indicate?

    <p>The session will be checked by IPS signature</p> Signup and view all the answers

    What does proto_state=00 indicate for ICMP?

    <p>The ICMP session has no state</p> Signup and view all the answers

    What does the redir flag indicate?

    <p>The session is being processed by an application layer proxy</p> Signup and view all the answers

    What does the npd flag indicate?

    <p>The session cannot be offloaded to NPU</p> Signup and view all the answers

    What does the npu flag indicate?

    <p>The session can be offloaded to NPU</p> Signup and view all the answers

    What is the purpose of may_dirty sessions in FortiGate?

    <p>May_dirty sessions are created after matching a firewall policy with accept as action</p> Signup and view all the answers

    Which flag is used by FortiGate to identify entries in the FIB used for routing health-check traffic?

    <p>proto=17</p> Signup and view all the answers

    What command displays the total number of sessions in the current V-Dom?

    <p>get system session status</p> Signup and view all the answers

    What information does the command get system session list provide?

    <p>Protocol, source IP-address, destination IP-address, and port</p> Signup and view all the answers

    What does the TCP session table entry display?

    <p>All of the above</p> Signup and view all the answers

    What does the redir flag indicate?

    <p>Redirected traffic</p> Signup and view all the answers

    What does the npu flag indicate?

    <p>Network processing unit flag</p> Signup and view all the answers

    What does the log flag indicate?

    <p>Logged traffic</p> Signup and view all the answers

    What does the npd flag indicate?

    <p>Network processing delay flag</p> Signup and view all the answers

    Which type of NAT is indicated in the portion that shows the type of NAT?

    <p>All of the above</p> Signup and view all the answers

    Which protocol state value indicates that the TCP three-way handshake is completed?

    <p>02</p> Signup and view all the answers

    Which protocol flag is used by FortiGate to identify entries in the FIB used for routing health-check traffic?

    <p>proto=17</p> Signup and view all the answers

    What command displays the total number of sessions in the current V-Dom?

    <p>get system session status</p> Signup and view all the answers

    What command provides a brief summary of each session?

    <p>get system session list</p> Signup and view all the answers

    What information is highlighted in the example output of a single session table entry?

    <p>IP protocol number and the protocol state</p> Signup and view all the answers

    What does the FortiGate session table contain?

    <p>Detailed information about every IP connection</p> Signup and view all the answers

    What does the command 'diagnose sys session list' display?

    <p>Example output of a single session table entry</p> Signup and view all the answers

    What does the flag 'proto=17' have to do with UDP?

    <p>It identifies entries in the FIB used for routing health-check traffic</p> Signup and view all the answers

    What information does the command 'get system session list' include?

    <p>Protocol, source IP-address, destination IP-address, and port</p> Signup and view all the answers

    What can be used to filter the output of the command 'get system session list'?

    <p>grep utility</p> Signup and view all the answers

    What does the flag 'proto_state=00' indicate for ICMP?

    <p>ICMP traffic is blocked</p> Signup and view all the answers

    More Like This

    Use Quizgecko on...
    Browser
    Browser