TCP Protocol States Quiz
30 Questions
3 Views

TCP Protocol States Quiz

Created by
@VisionarySugilite

Podcast Beta

Play an AI-generated podcast conversation about this lesson

Questions and Answers

Which digit in the protocol state represents the server-side state?

  • Fourth digit
  • First digit (correct)
  • Second digit
  • Third digit
  • What is the value of the protocol state when a TCP session is in the FIN_WAIT state?

  • 1
  • 4 (correct)
  • 5
  • 0
  • What is the value of the protocol state when a TCP session is in the CLOSE_WAIT state?

  • 0
  • 1
  • 7
  • 6 (correct)
  • What is the value of the protocol state when a TCP session is in the LAST_Ack state?

    <p>8</p> Signup and view all the answers

    What is the value of the protocol state when a TCP session is in the LISTEN state?

    <p>9</p> Signup and view all the answers

    What is the value of the protocol state when a TCP session is in the SYN_SENT state?

    <p>2</p> Signup and view all the answers

    What is the value of the protocol state when a TCP session is in the SYN & SYN-Ack state?

    <p>3</p> Signup and view all the answers

    What is the value of the protocol state when a TCP session is in the TIME_WAIT state?

    <p>5</p> Signup and view all the answers

    What is the value of the protocol state when a TCP session is in the CLOSE state?

    <p>5</p> Signup and view all the answers

    What is the value of the protocol state when a TCP session is in the ESTABLISHED state?

    <p>1</p> Signup and view all the answers

    Which protocol has no session state in FortiGate?

    <p>ICMP</p> Signup and view all the answers

    What are the two session state values used by FortiGate for UDP traffic?

    <p>0 and 1</p> Signup and view all the answers

    What does the 'local' session flag indicate?

    <p>Session originated from FortiGate or terminates on FortiGate</p> Signup and view all the answers

    What happens to 'may_dirty' sessions after a change in the firewall policy configuration?

    <p>They are unaffected</p> Signup and view all the answers

    What is the default global session handling setting in FortiGate?

    <p>check-all</p> Signup and view all the answers

    What does the 'npu' session flag indicate?

    <p>Session can be offloaded to NPU</p> Signup and view all the answers

    What happens to a session flagged as 'block' in FortiGate?

    <p>It remains in memory until it expires</p> Signup and view all the answers

    What does the 'auth' session flag indicate?

    <p>Session requires (or required) authentication</p> Signup and view all the answers

    What is the purpose of the 'redir' session flag in FortiGate?

    <p>Session is being processed by an application layer proxy</p> Signup and view all the answers

    What happens to packets matching a session with the 'block' flag in FortiGate?

    <p>They are dropped</p> Signup and view all the answers

    Which option allows you to use policy-specific session handling settings?

    <p>check-policy-option</p> Signup and view all the answers

    What is the default option for session handling after a policy change?

    <p>check-all</p> Signup and view all the answers

    Which option is the most resource-intensive behavior for session handling?

    <p>check-all</p> Signup and view all the answers

    When enabling the check-new option, what does FortiGate do after a policy change?

    <p>FortiGate evaluates new sessions against modified policies</p> Signup and view all the answers

    Which option should be used if you have policies handling millions of sessions?

    <p>check-new</p> Signup and view all the answers

    What is the most granular setting for session handling?

    <p>check-policy-option</p> Signup and view all the answers

    What CLI commands can be used to modify the FortiGate session handling behavior?

    <p>set firewall-session-dirty</p> Signup and view all the answers

    Is the system-level session handling setting global or per-V-Dom?

    <p>Both</p> Signup and view all the answers

    What does the check-policy-option enable you to modify?

    <p>FortiGate firewall policy configuration</p> Signup and view all the answers

    When new packets arrive, what does FortiGate do with them after a policy change?

    <p>FortiGate reevaluates them before adding them to the session table</p> Signup and view all the answers

    Study Notes

    TCP Protocol States

    • 12th digit in the protocol state represents the server-side state
    • FIN_WAIT state: value is 6
    • CLOSE_WAIT state: value is 8
    • LAST_Ack state: value is 10
    • LISTEN state: value is 2
    • SYN_SENT state: value is 3
    • SYN & SYN-Ack state: value is 3 and 4
    • TIME_WAIT state: value is 6
    • CLOSE state: value is 7
    • ESTABLISHED state: value is 4

    FortiGate Session Handling

    • UDP traffic: session state values are 'new' and 'est'
    • 'local' session flag: indicates that the session was created by the FortiGate unit itself
    • 'may_dirty' sessions: are deleted after a change in the firewall policy configuration
    • Global session handling: default setting is 'keep'
    • 'npu' session flag: indicates that the session is offloaded to the NPU
    • 'block' session flag: blocks the session
    • 'auth' session flag: indicates that the session has been authenticated
    • 'redir' session flag: redirects the session to the specified IP address and port
    • Packets matching a session with the 'block' flag: are blocked by FortiGate
    • Policy-specific session handling: can be configured using the 'set SESSION-HANDLE' command
    • Default option for session handling after a policy change: 'keep'
    • Most resource-intensive behavior for session handling: 'reset'
    • Check-new option: enables FortiGate to reset sessions after a policy change
    • Option for handling millions of sessions: 'keep'
    • Most granular setting for session handling: per-policy level
    • CLI commands to modify FortiGate session handling behavior: 'config system session-helper' and 'config firewall policy'
    • System-level session handling setting: global
    • Check-policy-option: enables modification of the session handling behavior after a policy change
    • When new packets arrive after a policy change, FortiGate checks the new policy for the session

    Studying That Suits You

    Use AI to generate personalized quizzes and flashcards to suit your learning preferences.

    Quiz Team

    Description

    Test your knowledge of TCP protocol states with this quiz! Learn about server-side and client-side states, and their corresponding values. Challenge yourself to identify different TCP states like ESTABLISHED, SYN_SENT, FIN_WAIT, and more.

    More Like This

    TCP Connection Establishment Quiz
    6 questions
    Client-Server Protocols in HTTP
    5 questions
    Web Servers and Internet Protocols
    34 questions
    Use Quizgecko on...
    Browser
    Browser