When configuring a Zone Protection profile, in which section (protection type) would an NGFW engineer configure options to protect against activities such as spoofed IP addresses and split handshake session establishment attempts?
Basic Concept: Zone Protection profiles group defenses by attack type. Packet-based attack protection drops malformed packets, spoofing, abnormal TCP handshakes, and other packet-level evasion attempts.
Why C is Correct: Packet-Based Attack Protection is the correct section for spoofed IP packets and split-handshake attempts because these are structural packet/session abuses, not volume floods or scans.
Why A is Wrong: Flood Protection is a Zone Protection category, but it protects a different attack family than the packet-level or flood/reconnaissance behavior described.
Why B is Wrong: Protocol Protection is a Zone Protection category, but it protects a different attack family than the packet-level or flood/reconnaissance behavior described.
Why D is Wrong: Reconnaissance Protection is a Zone Protection category, but it protects a different attack family than the packet-level or flood/reconnaissance behavior described.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit