If the first packet of a UDP session is rejected by a security policy, what does the firewall send to the client?
If the first packet of a UDP session is rejected by a security policy, the firewall sends an ICMP unreachable message to the client. This is because UDP is a stateless protocol and does not have a built-in mechanism for establishing or terminating connections, unlike TCP. As a result, when a UDP packet is rejected, the firewall uses ICMP (Internet Control Message Protocol) to notify the client that the destination is unreachable.
Exactly, A is correct... it is obviously... UDP SESSION... UDP SESSION!!!!!!
Yes! I can't understand why there is even a discussion here; feels like bots...
A is correct, because UDP is stateless.
"Nothing" is true for the Drop action. ICMP unreachable is for Reject.
Of course not, it's asking about UDP, not ICMP. ICMP runs directly on IP; UDP is a transport-layer protocol. You are mixing things up.
No, if the action is drop, nothing is sent. If the action is drop, the firewall sends a TCP RST for TCP and an ICMP unreachable for UDP. As UDP is stateless, it has to be ICMP, as there is no UDP RST. This is basically the difference between action drop and action reject. D is correct.
I mean "if the action is reject" in the second sentence.
Answer D. CCSE R80 course, page 247, point 5 of the Stateful Inspection flow. Also an explanation of how ICMP unreachable is used on UDP: https://networkengineering.stackexchange.com/questions/62969/why-icmp-destination-port-unreachable-error-messeage-is-generated-for-unreliable
I think it is "D", based on the CCSE courseware, “Stateful Inspection” section. According to the Inspection Process Flowchart details, if there is a match in the Rule Base, a NACK is sent, which is "ICMP unreachable" for UDP. As for statefulness, UDP communications usually expect answers that need to be tracked by firewalls, so even though UDP is stateless, it has a corresponding stateful inspection behavior in the firewall.
Then it should be D since the question talks about 'reject'. I think it is D.
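As an added example (not part of the question, the answer, or any comment in this thread), the following Python models the Drop-versus-Reject distinction the commenters are arguing about for UDP: on Reject the firewall answers with an ICMP Destination Unreachable (type 3) that quotes the original IP header and the first 8 bytes of the datagram, i.e. the UDP header, and that quoted header is what lets a client attribute the error to the right source/destination port pair even though UDP has no connection state; on Drop nothing is sent, so the client only sees a timeout. The addresses, ports and payload are constructed test data; the ICMP code used by default (3, port unreachable) is an assumption about this page's firewall, and code 13 (administratively prohibited), which some firewalls use instead, is accepted as well. The `probe_udp` helper is a live client-side check that is not exercised by the offline demo.

```python
"""Drop vs Reject for the first packet of a UDP 'session' (added example)."""
import socket
import struct

UNREACHABLE = 3        # ICMP type: Destination Unreachable (RFC 792)
PORT_UNREACHABLE = 3   # code used by default here (assumption)
ADMIN_PROHIBITED = 13  # code some firewalls use instead


def checksum(data: bytes) -> int:
    """RFC 1071 ones-complement sum over 16-bit words; 0 for a valid message."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_udp_datagram(src_ip, dst_ip, sport, dport, payload: bytes) -> bytes:
    """IPv4 header + UDP header + payload, as the client's first packet."""
    udp_len = 8 + len(payload)
    ip_hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + udp_len, 0x1234, 0, 64,
                         socket.IPPROTO_UDP, 0,
                         socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    ip_hdr = ip_hdr[:10] + struct.pack("!H", checksum(ip_hdr)) + ip_hdr[12:]
    udp_hdr = struct.pack("!HHHH", sport, dport, udp_len, 0)  # UDP checksum optional in IPv4
    return ip_hdr + udp_hdr + payload


def reject_udp(datagram: bytes, code: int = PORT_UNREACHABLE) -> bytes:
    """Reject: ICMP type 3 quoting the offending IP header plus 8 payload bytes."""
    ihl = (datagram[0] & 0x0F) * 4
    quoted = datagram[: ihl + 8]          # IP header + UDP header
    icmp = struct.pack("!BBHI", UNREACHABLE, code, 0, 0) + quoted
    return icmp[:2] + struct.pack("!H", checksum(icmp)) + icmp[4:]


def drop_udp(datagram: bytes):
    """Drop: the firewall sends nothing back at all."""
    return None


def match_icmp_to_session(icmp: bytes):
    """Client side: recover (dst_ip, sport, dport) from the quoted UDP header
    so the error can be tied to the datagram that caused it; None if it is
    not a valid unreachable for UDP."""
    icmp_type, code = icmp[0], icmp[1]
    if icmp_type != UNREACHABLE or code not in (PORT_UNREACHABLE, ADMIN_PROHIBITED):
        return None
    if checksum(icmp) != 0:
        return None
    inner = icmp[8:]
    ihl = (inner[0] & 0x0F) * 4
    if inner[9] != socket.IPPROTO_UDP:   # protocol byte of the quoted IP header
        return None
    dst_ip = socket.inet_ntoa(inner[16:20])
    sport, dport = struct.unpack("!HH", inner[ihl: ihl + 4])
    return {"code": code, "dst_ip": dst_ip, "sport": sport, "dport": dport}


def probe_udp(host: str, port: int, timeout: float = 2.0) -> str:
    """Live check: on Linux a connected UDP socket reports a received ICMP
    unreachable as ECONNREFUSED (Reject); a Drop shows up only as a timeout."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.connect((host, port))
        s.send(b"probe")
        try:
            s.recv(1024)
            return "answered"
        except ConnectionRefusedError:
            return "rejected (ICMP unreachable received)"
        except socket.timeout:
            return "dropped (no response)"


if __name__ == "__main__":
    # Constructed example: a DNS query from a client to a blocked resolver.
    dgram = build_udp_datagram("192.0.2.10", "198.51.100.53", 40001, 53, b"query")
    print("Drop   ->", drop_udp(dgram))
    print("Reject ->", match_icmp_to_session(reject_udp(dgram)))
```

The point the code makes concrete is that "stateless" applies to UDP itself, not to the error path: the ICMP error carries enough of the original datagram for the client to know which of its outstanding requests was refused, which is exactly why a firewall can use it as the UDP equivalent of a TCP RST.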