Fortinet Exam NSE7_NST-7.2 Topic 4 Question 20 Discussion

Actual exam question for Fortinet's NSE7_NST-7.2 exam

Question #: 20
Topic #: 4

[All NSE7_NST-7.2 Questions]

Which of the following regarding protocol states is true?

Aproto_state=00 indicates that UDP traffic flows in both directions.

Bproto_state-01 indicates an established TCP session.

Cproto_state=10 indicates an established TCP session.

Dproto state=01 indicates one-way ICMP traffic.

Show Suggested Answer

Suggested Answer: C

Understanding protocol states:

proto_state=00: Indicates no traffic or a closed session.

proto_state=01: Typically indicates one-way ICMP traffic or a partially established TCP session.

proto_state=10: Indicates an established TCP session, where the session has completed the three-way handshake and both sides can send and receive data.

proto_state=11: Often indicates a fully established and active bidirectional session.

Explanation of correct answer:

proto_state=10 is the correct indication for an established TCP session as it signifies that the session is fully established and active.

Fortinet Network Security 7.2 Support Engineer Documentation

Fortinet Firewall Protocol State Documentation

by Larae at Jan 27, 2025, 10:47 AM

Limited Time Offer

25%

23 days ago

B) proto_state-01 indicates an established TCP session. I'm pretty sure that's the one.

upvoted 0 times

Wilda

6 days ago

Yes, that's correct. It's important to understand the different protocol states.

upvoted 0 times

...

Leonor

7 days ago

I think you're right, proto_state-01 does indicate an established TCP session.

upvoted 0 times

...

Gracia

25 days ago

C) proto_state=10 indicates an established TCP session. That's the correct answer, right?

upvoted 0 times

Jimmie

15 days ago

Make sure to remember that for the exam.

upvoted 0 times

...

Ahmad

17 days ago

Yes, that's correct. Proto_state=10 indicates an established TCP session.

upvoted 0 times

...