NETSEC-GENERALIST · Question #4
NETSEC-GENERALIST Question #4: Real Exam Question with Answer & Explanation
The correct answer is A: SYN flood protection. An NGFW (Next-Generation Firewall) determines whether new session setups are legitimate or illegitimate by using SYN flood protection, which is a key component of DoS/DDoS mitigation. How SYN Flood Protection Works in an NGFW: Detects High SYN Traffic Rates - SYN flood attacks oc
Question
Which functionality does an NGFW use to determine whether new session setups are legitimate or illegitimate?
Options
- ASYN flood protection
- BSYN bit
- CRandom Early Detection (RED)
- DSYN cookies
Explanation
An NGFW (Next-Generation Firewall) determines whether new session setups are legitimate or illegitimate by using SYN flood protection, which is a key component of DoS/DDoS mitigation. How SYN Flood Protection Works in an NGFW: Detects High SYN Traffic Rates - SYN flood attacks occur when a large number of half-open TCP connections are created, overwhelming a server or firewall. Implements SYN Cookies or Rate-Limiting - To mitigate attacks, the NGFW applies SYN cookies or connection rate limits to filter out illegitimate connection attempts. Maintains a Secure State Table - The firewall tracks legitimate and suspicious SYN requests, ensuring only genuine connections are allowed through. Protects Against TCP-Based Attacks - Prevents resource exhaustion caused by attackers flooding SYN packets without completing the TCP handshake.
Topics
Community Discussion
No community discussion yet for this question.