Answer D
CCSE R80 course page 247 Point 5 of Statefull Inspection flow
Also an explanation of how ICMP unreachable is used on UDP
https://networkengineering.stackexchange.com/questions/62969/why-icmp-destination-port-unreachable-error-messeage-is-generated-for-unreliable
I think it is "D", based on the CCSE courseware, “Stateful Inspection” section. According to the Inspection Process Flowchart details, if there is a match in the Rule Base, a NACK is sent, which is "ICMP unreachable" for UDP. As for statefulness, UDP communications usually expect answers that need to be tracked by firewalls, so even though UDP is stateless, it has a corresponding stateful inspection behavior in the firewall.
No, if the action is drop, nothing is send. if the action is drop, the firewall sends TCP RST for TCP and ICMP unreachable for UDP. As UDP ist stateless, it has to be icmp, as there is no UDP RST. This is basically the diffrence between action drop and action reject. D ist correct
of course not, it's asking about UDP, not ICMP. ICMP runs directly on IP, UDP is a transport layer protocol, you are mixing things up
upvoted 2 times
...
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
djreymix
Highly Voted 3 years, 4 months agoDriVen
1 year, 8 months agoLevis
Highly Voted 4 years, 4 months agolacosta
Most Recent 9 months, 2 weeks agozorolo
2 years, 6 months agoz8d21oczd
2 years, 10 months agoz8d21oczd
2 years, 10 months agoCrao
3 years, 8 months agowakopro
4 years, 1 month agomauchi
3 years, 8 months ago