NSE 8 – Network Security Expert (812) — Question 29

A FortiGate must be configured to accept VoIP traffic which will include session initiation protocol (SIP) traffic.

Which statement about the VoIP configuration options is correct?

Answer options

• A. FortiOS cannot accept SIP traffic if both the SIP Session Helper and the application layer gateway (ALG) are disabled.
• B. Restricting SIP requests is only possible when using the SIP Session Helper.
• C. By default, VoIP traffic will be processed using the SIP Session Helper.
• D. Rate tracking of SIP requests is only possible when the application layer gateway (ALG) is set to Flow mode.

Correct answer: D

Explanation

The correct answer is D because rate tracking of SIP requests is specifically tied to the configuration of the application layer gateway in Flow mode. Option A is incorrect as FortiOS can handle SIP traffic even if those features are disabled, while option B is wrong since SIP request restrictions can be implemented through other means besides the SIP Session Helper. Option C is also not entirely accurate, as VoIP traffic can be processed in different ways and not exclusively through the SIP Session Helper.