Exam FCP_FGT_AD-7.4 topic 1 question 20 discussion

Page 86 "RPF check is only carried out on: The first packet in the session, not on a reply"

Page 86

AD this is easy

Whenever a packet arrives at one of the interfaces on a FortiGate, the FortiGate determines whether the packet was received on a legitimate interface by doing a reverse look-up using the source IP address in the packet header. This protects against IP spoofing attacks. If the FortiGate does not have a route to the source IP address through the interface on which the packet was received, the FortiGate drops the packet as per Reverse Path Forwarding (RPF) check. (page 433 FortiOS Administrator Guide)

RPF check is done on the first sent packet It helps to protect FortiGate against spoofing attacks

For packets in the original direction, RPF check takes place. Packet received in the reply direction, FortiGate does not perform any RPF check.

RPF is done on the first packet of the session and not on the reply. It protects the fortigate and network from IP spoofing attacks.

A and D are the ans

Study guide 7.4

A and D

Study guide 7.4 Page 86 "FortiGate performs an RPF check only on the first packet of a new session. That is, after the first packet passes the RPF check and FortiGate accepts the session, FortiGate doesn’t perform any additional RPF checks on that session."

RPF (Reverse Path Forwarding) check is not performed on the first sent packet of a new session. Instead, it is performed on the first reply packet.