NGFW-ENGINEER · Question #77
NGFW-ENGINEER Question #77: Real Exam Question with Answer & Explanation
The correct answer is D: Packet-Based Attack Protection. Packet-Based Attack Protection is specifically designed to detect and mitigate abnormal or malformed packets such as non-SYN TCP packets and ICMP fragments, which are characteristic of packet-level attacks rather than floods, reconnaissance, or protocol misuse.
Question
A network engineer observes a pattern of anomalous traffic hitting an external-facing zone, including a high volume of TCP packets that are not part of a new session handshake (non-SYN), and a large number of ICMP fragments. The engineer decides to apply a Zone Protection profile to mitigate these potential threats. Which protection type within the profile must be configured?
Options
- AProtocol Protection
- BFlood Protection
- CReconnaissance Protection
- DPacket-Based Attack Protection
Explanation
Packet-Based Attack Protection is specifically designed to detect and mitigate abnormal or malformed packets such as non-SYN TCP packets and ICMP fragments, which are characteristic of packet-level attacks rather than floods, reconnaissance, or protocol misuse.
Topics
Community Discussion
No community discussion yet for this question.