Palo Alto Networks Network Security Generalist — Question 8

Which functionality does an NGFW use to determine whether new session setups are legitimate or illegitimate?

Answer options

• A. SYN flood protection
• B. SYN bit
• C. Random Early Detection (RED)
• D. SYN cookies

Correct answer: D

Explanation

SYN cookies are a method used to handle SYN requests during the TCP handshake, allowing the NGFW to verify whether a session request is legitimate without allocating resources until the handshake is completed. The other options, while related to TCP and network security, do not specifically address the validation of new session setups in the same direct manner as SYN cookies.