Podcast Beta
Questions and Answers
Which digit in the protocol state represents the server-side state?
What is the value of the protocol state when a TCP session is in the FIN_WAIT state?
What is the value of the protocol state when a TCP session is in the CLOSE_WAIT state?
What is the value of the protocol state when a TCP session is in the LAST_Ack state?
Signup and view all the answers
What is the value of the protocol state when a TCP session is in the LISTEN state?
Signup and view all the answers
What is the value of the protocol state when a TCP session is in the SYN_SENT state?
Signup and view all the answers
What is the value of the protocol state when a TCP session is in the SYN & SYN-Ack state?
Signup and view all the answers
What is the value of the protocol state when a TCP session is in the TIME_WAIT state?
Signup and view all the answers
What is the value of the protocol state when a TCP session is in the CLOSE state?
Signup and view all the answers
What is the value of the protocol state when a TCP session is in the ESTABLISHED state?
Signup and view all the answers
Which protocol has no session state in FortiGate?
Signup and view all the answers
What are the two session state values used by FortiGate for UDP traffic?
Signup and view all the answers
What does the 'local' session flag indicate?
Signup and view all the answers
What happens to 'may_dirty' sessions after a change in the firewall policy configuration?
Signup and view all the answers
What is the default global session handling setting in FortiGate?
Signup and view all the answers
What does the 'npu' session flag indicate?
Signup and view all the answers
What happens to a session flagged as 'block' in FortiGate?
Signup and view all the answers
What does the 'auth' session flag indicate?
Signup and view all the answers
What is the purpose of the 'redir' session flag in FortiGate?
Signup and view all the answers
What happens to packets matching a session with the 'block' flag in FortiGate?
Signup and view all the answers
Which option allows you to use policy-specific session handling settings?
Signup and view all the answers
What is the default option for session handling after a policy change?
Signup and view all the answers
Which option is the most resource-intensive behavior for session handling?
Signup and view all the answers
When enabling the check-new option, what does FortiGate do after a policy change?
Signup and view all the answers
Which option should be used if you have policies handling millions of sessions?
Signup and view all the answers
What is the most granular setting for session handling?
Signup and view all the answers
What CLI commands can be used to modify the FortiGate session handling behavior?
Signup and view all the answers
Is the system-level session handling setting global or per-V-Dom?
Signup and view all the answers
What does the check-policy-option enable you to modify?
Signup and view all the answers
When new packets arrive, what does FortiGate do with them after a policy change?
Signup and view all the answers
Study Notes
TCP Protocol States
- 12th digit in the protocol state represents the server-side state
- FIN_WAIT state: value is 6
- CLOSE_WAIT state: value is 8
- LAST_Ack state: value is 10
- LISTEN state: value is 2
- SYN_SENT state: value is 3
- SYN & SYN-Ack state: value is 3 and 4
- TIME_WAIT state: value is 6
- CLOSE state: value is 7
- ESTABLISHED state: value is 4
FortiGate Session Handling
- UDP traffic: session state values are 'new' and 'est'
- 'local' session flag: indicates that the session was created by the FortiGate unit itself
- 'may_dirty' sessions: are deleted after a change in the firewall policy configuration
- Global session handling: default setting is 'keep'
- 'npu' session flag: indicates that the session is offloaded to the NPU
- 'block' session flag: blocks the session
- 'auth' session flag: indicates that the session has been authenticated
- 'redir' session flag: redirects the session to the specified IP address and port
- Packets matching a session with the 'block' flag: are blocked by FortiGate
- Policy-specific session handling: can be configured using the 'set SESSION-HANDLE' command
- Default option for session handling after a policy change: 'keep'
- Most resource-intensive behavior for session handling: 'reset'
- Check-new option: enables FortiGate to reset sessions after a policy change
- Option for handling millions of sessions: 'keep'
- Most granular setting for session handling: per-policy level
- CLI commands to modify FortiGate session handling behavior: 'config system session-helper' and 'config firewall policy'
- System-level session handling setting: global
- Check-policy-option: enables modification of the session handling behavior after a policy change
- When new packets arrive after a policy change, FortiGate checks the new policy for the session
Studying That Suits You
Use AI to generate personalized quizzes and flashcards to suit your learning preferences.
Description
Test your knowledge of TCP protocol states with this quiz! Learn about server-side and client-side states, and their corresponding values. Challenge yourself to identify different TCP states like ESTABLISHED, SYN_SENT, FIN_WAIT, and more.
