ExamTopics Logo
Mail Us[email protected]
Menu
Fortinet Discussions
exam questions

Exam FCSS_NST_SE-7.4 All Questions

View all questions & answers for the FCSS_NST_SE-7.4 exam
Go to Exam

Exam FCSS_NST_SE-7.4 topic 1 question 8 discussion

Actual exam question from Fortinet's FCSS_NST_SE-7.4
Question #: 8
Topic #: 1
[All FCSS_NST_SE-7.4 Questions]

Refer to the exhibit, which a network topology and a partial routing table.

FortiGate has already been configured with a firewall policy that allows all ICMP traffic to flow from port1 to port3.
Which changes must the administrator perform to ensure the server at 10.4.0.1/24 receives the echo reply from the laptop at 10.1.0.1/24?

  • A. Enable asymmetric routing under config system settings.
  • B. Change the configuration from strict RPF check mode to feasible RPF check mode.
  • C. A firewall policy that allows all ICMP traffic from port3 to port1.
  • D. Modify the default gateway on the laptop from 10.1.0.2 to 10.2.0.2.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by IBB90704 at April 27, 2025, 10:42 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
IBB90704
3 days, 6 hours ago
Selected Answer: A
Allowing asymmetric routing: config system settings set asymroute enable end 1. The server’s ICMP request bypasses FortiGate reaching the PC. 2. The PC’s echo reply passes through FortiGate. No session is matched. However, the packet is not dropped. Instead, the packet is passed to the CPU of FortiGate and is then forwarded using the FIB. 3. All subsequent echo replies are handled the same way as in step 2. 4. FortiGate essentially acts as a router. No security inspection is performed. If you use asymmetric routing for troubleshooting purposes, remember to disable it after you resolve the issue. Pagina 377
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago