Configuring sysctl.conf – CentOS

On CentOS, the /etc/sysctl.conf file is empty, except for a few comments. These comments tell you to look elsewhere for the default configuration files and to make changes by creating new configuration files in the /etc/sysctl.d directory.

The default security settings on CentOS are essentially the same as on Ubuntu, except that they're configured in different places. For example, on CentOS, the spoof protection (rp_filter) parameters and the link protection parameters are in the /usr/lib/sysctl.d/50-default.conf file.

By piping a sysctl -a command into grep, you'll also see that syncookies are enabled:

[donnie@centos7-tm1 ~]$ sudo sysctl -a | grep 'syncookie'
net.ipv4.tcp_syncookies = 1
[donnie@centos7-tm1 ~]$

The same is true for secure_redirects:

[donnie@centos7-tm1 ~]$ sudo sysctl -a | grep 'secure_redirects'
net.ipv4.conf.all.secure_redirects = 1
net.ipv4.conf.default.secure_redirects = 1
net.ipv4.conf.enp0s3.secure_redirects = 1
net.ipv4.conf.lo.secure_redirects = 1
net.ipv4.conf.virbr0.secure_redirects = 1
net.ipv4.conf.virbr0-nic.secure_redirects = 1
[donnie@centos7-tm1 ~]$
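Grepping one key at a time works, but on a fleet you want the check and the fix in one place. The script below is an added example, not from the book: it compares `sysctl -a` output against a small baseline built from the keys quoted above and renders the matching drop-in for /etc/sysctl.d, which is where the comments in /etc/sysctl.conf tell you to put local changes. The file name 99-hardening.conf and the baseline values are assumptions for illustration.

```shell
#!/bin/sh
# Added example, not from the book: audit live sysctl values against a small
# hardening baseline and render the matching drop-in for /etc/sysctl.d.
# The keys are the ones quoted in the text; the drop-in name 99-hardening.conf
# and the baseline values are assumptions for illustration.

# Desired settings, one "key=value" per line.
BASELINE='net.ipv4.tcp_syncookies=1
net.ipv4.conf.all.rp_filter=1
net.ipv4.conf.default.rp_filter=1
net.ipv4.conf.all.secure_redirects=1
net.ipv4.conf.default.secure_redirects=1'

# sysctl -a prints "key = value"; normalize both forms to "key=value"
# and drop blank lines so they can be compared textually.
normalize() {
    sed -e 's/[[:space:]]*=[[:space:]]*/=/' -e '/^$/d'
}

# audit_sysctl FILE
#   FILE holds "sysctl -a" style output.  Prints one line per key that is
#   missing or differs from BASELINE; the exit status is the number of
#   such keys, so 0 means the host matches the baseline.
audit_sysctl() {
    file=$1
    bad=0
    # A here-document keeps the loop in the current shell so $bad survives
    # (piping into "while" would run the loop in a subshell in most shells).
    while IFS='=' read -r key want; do
        got=$(normalize < "$file" | awk -F= -v k="$key" '$1 == k { print $2; exit }')
        if [ -z "$got" ]; then
            echo "$key: want $want, missing"
            bad=$((bad + 1))
        elif [ "$got" != "$want" ]; then
            echo "$key: want $want, got $got"
            bad=$((bad + 1))
        fi
    done <<EOF
$BASELINE
EOF
    return "$bad"
}

# render_dropin
#   Prints the baseline in the "key = value" form that sysctl.d files use,
#   ready to be written to /etc/sysctl.d/99-hardening.conf.
render_dropin() {
    echo '# Local hardening overrides; loaded by "sysctl --system" and at boot.'
    printf '%s\n' "$BASELINE" | sed 's/=/ = /'
}

# Live mode: ./sysctl_audit.sh --live   (run as root so every key is readable)
if [ "${1:-}" = "--live" ]; then
    snapshot=$(mktemp)
    sysctl -a 2>/dev/null > "$snapshot"
    audit_sysctl "$snapshot" && echo "all baseline keys match"
    rm -f "$snapshot"
fi
```

To apply the baseline, write the rendered drop-in and reload: `render_dropin | sudo tee /etc/sysctl.d/99-hardening.conf` followed by `sudo sysctl --system`, then rerun the audit in `--live` mode to confirm the running kernel now matches. Because /etc/sysctl.d is read after /usr/lib/sysctl.d, a 99-prefixed file overrides the distribution defaults without editing them.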

Curiously, you won't find any settings for either secure_redirects or syncookies in any CentOS configuration file. To try to solve this mystery, I did a grep search throughout the whole filesystem for these text strings. Here's part of what I found by searching for syncookies:

[donnie@centos7-tm1 /]$ sudo grep -ir 'syncookies' *
. . .
. . .
boot/System.map-3.10.0-123.el7.x86_64:ffffffff819ecf8c D sysctl_tcp_syncookies
boot/System.map-3.10.0-123.el7.x86_64:ffffffff81a5b71c t init_syncookies
. . .
. . .

The only places where grep finds either the syncookies or the secure_redirects text strings are in the System.map files in the /boot directory. So, my best guess is that these values are hardcoded into the kernel so that there's no need to configure them in a sysctl configuration file.
