nse8_812 Exam QuestionsBrowse all questions from this exam

nse8_812 Exam - Question 42


Refer to the exhibit.

A customer has deployed a FortiGate 200F high-availability (HA) cluster that contains a TPM chip. The exhibit shows output from the FortiGate CLI session where the administrator enabled TPM.

Following these actions, the administrator immediately notices that both FortiGate high availability (HA) status and FortiManager status for the FortiGate are negatively impacted.

What are the two reasons for this behavior? (Choose two.)

Show Answer
Correct Answer: BE

The configuration for TPM is not synchronized between FortiGate HA cluster members, as each member must use the same master-encryption-key to synchronize properly. Additionally, when the private-data-encryption setting is enabled, FortiManager requires the FortiGate encryption key to be manually entered to manage the device configurations successfully. These factors impact both the HA status of the FortiGate cluster and its management status in FortiManager.

Discussion

7 comments
Sign in to comment
Viewable8041Options: AC
Sep 5, 2023

according to https://docs.fortinet.com/document/fortigate-7000/7.0.12/fortigate-7000f-handbook/254816/tpm-support i am with A and C

Viewable8041Options: BC
Sep 5, 2023

Sorry... here the link and the correct answers It is B and C https://docs.fortinet.com/document/fortigate/7.4.0/administration-guide/893277/trusted-platform-module-support

Meh057
Feb 25, 2024

https://docs.fortinet.com/document/fortimanager/7.4.2/administration-guide/30332/verifying-devices-with-private-data-encryption-enabled

node345Options: BE
Feb 29, 2024

B and E are correct: B because of: "In HA configurations, each cluster member must use the same master‑encryption‑key so that the HA cluster can form and its members can synchronize their configurations." E because of "When a FortiGate with the private-data-encryption setting enabled is added to FortiManager, FortiManager requires the FortiGate encryption key to be entered in FortiManager to successfully install device configuration settings and manage the added FortiGate. If the private-data-encryption setting is enabled on an already managed FortiGate, you must manually retrieve device configuration settings again on the FortiManager."

Viewable8041Options: BC
Sep 5, 2023

Sorry... here the link and the correct answers It is B and C https://docs.fortinet.com/document/fortigate/7.4.0/administration-guide/893277/trusted-platform-module-support

ama6
Sep 29, 2023

i"m with you on that one #Viewable8041

Pat1361Options: BE
Jul 17, 2024

i just tested it in the lab.