ExamTopics Logo
Mail Us[email protected]
Menu
Fortinet Discussions
exam questions

Exam NSE4-5.4 All Questions

View all questions & answers for the NSE4-5.4 exam
Go to Exam

Exam NSE4-5.4 topic 1 question 92 discussion

Actual exam question from Fortinet's NSE4-5.4
Question #: 92
Topic #: 1
[All NSE4-5.4 Questions]

View the exhibit.

In this scenario, FGT1 has the following routing table:
S* 0. 0. 0. 0/0 [10/0] via 10. 40. 72. 2, port1
C 172. 16. 32. 0/24 is directly connected, port2
C 10. 40. 72. 0/30 is directly connected, port1
A user at 192.168.32.15 is trying to access the web server at 172.16.32.254. Which of the following statements best describe how the FortiGate will perform reverse path forwarding checks on this traffic? (Choose two.)

  • A. Strict RPF check will deny the traffic.
  • B. Strict RPF check will allow the traffic.
  • C. Loose RPF check will allow the traffic.
  • D. Loose RPF check will deny the traffic.
Show Suggested Answer Hide Answer
Suggested Answer: BD 🗳️
by Kyoraku715 at Oct. 20, 2022, 12:48 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
herlock_sholmes_2810
1 week, 3 days ago
Selected Answer: BC
B. and C. RPF Check Explanation: Strict RPF: The incoming interface must exactly match the one used to reach the source address. Loose RPF: The incoming interface must be one of the interfaces used to reach the source address. Analysis: In this scenario, both strict and loose RPF checks will allow the traffic because: The traffic is destined for a directly connected network (172.16.32.0/24) on port2. This means the traffic enters the FortiGate through the correct interface. The source address (192.168.32.15) is irrelevant for RPF checks in this case. Since the destination is directly connected, the FortiGate doesn't need to perform any routing lookup to determine the outgoing interface. Therefore, both strict and loose RPF checks will allow the traffic to pass through the FortiGate. Key Points: RPF checks are primarily designed to prevent spoofed traffic. When the destination is directly connected, RPF checks are less stringent. Understanding the network topology and traffic flow is crucial for proper RPF configuration.
upvoted 1 times
...
hiberus
7 months ago
correct answer is B & C Reference: Fortinet Training Institute. FCP - Fortigate 7.4 Administrator Sample Questions.
upvoted 1 times
...
vervvsdv
1 year, 7 months ago
B and C. https://extreme-networks.my.site.com/ExtrArticleDetail?an=000086726
upvoted 1 times
...
Kyoraku715
2 years, 2 months ago
the correct answer is B and C
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago