NSE4 Question #111: Real Exam Question with Answer & Explanation

The correct answer is D: TCP sequence number. Firewalls match packet characteristics like ICMP type/code, TCP/UDP ports, and IP protocol number to enforce policies, but not the TCP sequence number.

Submitted by lukas.cz· Apr 18, 2026Firewall and Authentication

Question

Which of the following items is NOT a packet characteristic matched by a firewall service object?

Options

AICMP type and code
BTCP/UDP source and destination ports
CIP protocol number
DTCP sequence number

Explanation

Firewalls match packet characteristics like ICMP type/code, TCP/UDP ports, and IP protocol number to enforce policies, but not the TCP sequence number.

Common mistakes.

A. ICMP type and code are essential fields for controlling ICMP traffic and are commonly used in firewall service objects.
B. TCP/UDP source and destination ports are fundamental identifiers for applications and services, widely used in firewall service objects.
C. The IP protocol number (e.g., 6 for TCP, 17 for UDP, 1 for ICMP) is a crucial Layer 3 characteristic used by firewalls to identify the protocol being carried.

Concept tested. Firewall service object matching criteria

Reference. https://docs.fortinet.com/document/fortigate/7.4.0/administration-guide/469442/creating-a-service

Topics

#Firewall#Service Objects#Packet Characteristics#TCP/IP

Community Discussion

No community discussion yet for this question.

Full NSE4 Practice Browse All NSE4 Questions