Question 12 - Fortinet FCP_FGT_AD-7.4 Real Exam Questions [Jan 2026 Update]

Q: 12

Which of the following statements correctly describes FortiGates route lookup behavior when searching for a suitable gateway? (Choose two)

Options

Correct Answer:

A, D

Explanation

FortiGate is a stateful firewall that establishes a session for new connections. A route lookup is performed on the first packet from the session originator to determine the egress interface and next-hop gateway for the forward path. This information is then stored in a new session table entry. Subsequently, when the first reply packet is received from the responder, a second route lookup is performed for the original source IP address (which is the destination for the reply packet). This confirms the return path and fully populates the session table. All subsequent packets for that session are processed quickly using the established session information, without requiring additional route lookups.

Why Incorrect

B. A route lookup is not performed on the last packet; forwarding is based on the already established session table entry.

C. This describes stateless behavior. FortiGate is stateful and uses a session table to avoid resource-intensive lookups for every packet.

References

1. Fortinet. (2024). FortiGate / FortiOS 7.0.12 / Administration Guide. Fortinet Document Library. In the "Firewall" chapter

section "Life of a packet"

the "New session" subsection states: "The FortiGate then does a route lookup to determine the egress interface that it can use to forward the packet to its destination." This directly supports the lookup on the first packet from the originator.

2. Fortinet. (2021). FortiOS Handbook - Firewall for FortiOS 7.0.0. Fortinet Document Library. On page 10

under "Packet flow and session management"

the text confirms the process for the initial packet: "When the first packet of a new session arrives...the FortiGate performs a route lookup for the destination address to find the egress interface."

3. The route lookup on the first reply packet is a fundamental aspect of establishing the bidirectional session state. The FortiGate must determine the return path to the originator. This principle is a core component of the official Fortinet Certified Professional (FCP) curriculum

which explains that the session table stores information for both directions of traffic

and this information is populated by lookups on the initial and reply packets.

Premium Access Includes

FLASH OFFER

avail 10% DISCOUNT on YOUR PURCHASE