Examice

Exam nse8_812 All QuestionsBrowse all questions from this exam

Go to Exam

Question 35

Refer to the exhibits.

Topology -

Configuration -

The exhibits show a FortiGate network topology and the output of the status of high availability on the FortiGate.

Given this information, which statement is correct?

The ethertype values of the HA packets are 0x8890, 0x8891, and 0x8892.

The cluster mode can support a maximum of four (4) FortiGate VMs.

The cluster members are on the same network and the IP addresses were statically assigned.

FGVMEVLQOG33WM3D and FGVMEVGCJNHFYI4A share a virtual MAC address.

Correct Answer: C

The configuration status indicates that the two FortiGate units are in-sync, which is a requirement for high availability (HA). Unicast HA heartbeat interfaces must be connected to the same network, and this necessitates that IP addresses be assigned to these interfaces. The topology depicts that the devices are connected through switches on the same local area network, implying that the IP addresses for the HA heartbeat interfaces are statically assigned. Contrary to some comments, only the peer IP is relevant in unicast HA, indicating static assignment.

Discussion

Viewable8041Option: C

It is C https://docs.fortinet.com/document/fortigate-private-cloud/7.4.0/microsoft-hyper-v-administration-guide/397100/ha Unicast HA heartbeat interfaces must be connected to the same network and you must add IP addresses to these interfaces. The unicast method does not change the FortiGate-VM interface MAC addresses to virtual MAC addresses.

pplee_shOption: C

Agree with Viewable8041

dspavvnOption: D

All answers can be correct to an extent, I would choose D because the virtual mac address is always asigned to the primary. C states they are on the same network, but they are not because there is no connection bridging the switches.

node345Option: D

D is correct because both members in the HA a-p cluster share a virtual MAC for each service port. C is incorrect because only the peer IP should be statically added in unicast mode. The local interface IP can be added by a DHCP server. The documentation says "The heartbeat interfaces must be connected to the same network and the IP addresses must be added to these interfaces". It does not say how - statically or by a DHCP server.

node345

I have to correct myself. C is the correct answer. The diagram shows that port 3 is directly connected, which means that there can be no DHCP server on this segment.

gabrielfOption: D

D is correct, C is wrong because the IP address can be obtained using DHCP even if the FGTs are running in HA A-P mode. https://community.fortinet.com/t5/FortiGate/Technical-Tip-FortiGate-HA-and-dynamic-interface-support-DHCP/ta-p/193933

ama6Option: D

guys D is correct

ac89l

nah ,,C is correct

pplee_shOption: D

When HA A-P, they are sharing the same virtual MAC