NSE 7 — Enterprise Firewall — Question 66

An administrator is configuring two FortiGate devices in an HA cluster. While configuring the devices, the administrator issues the following commands on both HA cluster members:

config system ha
set link-failed-signal enable

In which two ways do these commands impact the HA cluster? (Choose two.)

Answer options

• A. They force the switches to update their MAC forwarding tables, when failover happens.
• B. They force the former primary to send gratuitous ARP packets when the failover happens to indicate that the virtual MAC address is now using a different device.
• C. They force both HA devices for remote link monitoring to detect an issue in the forwarding path.
• D. They force the former primary to shut down all its interfaces for one second when failover happens, excluding the heartbeat and reserved management interfaces.

Correct answer: A, D

Explanation

The correct answers, A and D, are accurate because enabling link-failed-signal ensures switches update their MAC tables upon failover and prompts the former primary to temporarily shut down its interfaces to prevent traffic disruption. Options B and C are incorrect as they do not pertain to the direct effects of the link-failed-signal command in the HA configuration.