FortiGate Active-Passive High Availability (H-A) Quiz

Play an AI-generated podcast conversation about this lesson

Which component is required in the environment for an active-passive deployment of FortiGate VMs?

One internal Azure standard load balancer

Three public IPs

One V-NET with one protected subnet (correct)

One external Azure standard load balancer

What is the purpose of the external Azure standard load balancer in the FortiGate setup?

To configure S-NAT for North-South traffic

To handle traffic failover using a health probe

To provide communication with the internet (correct)

To receive all internal traffic and forward it to its destination

How many public IPs are used in the FortiGate setup for management access?

Four

Three

Two (correct)

One

What is the purpose of UDRs in the FortiGate setup?

To redirect traffic to the internal load balancer Signup and view all the answers

How do the FortiGate VMs communicate with each other in the active-passive deployment?

Using the unicast FGCP H-A protocol Signup and view all the answers

What is the recommended method to avoid asymmetric routing in the FortiGate setup?

Configuring S-NAT for North-South traffic Signup and view all the answers

What is required to deploy FortiGate VMs for Azure Autoscale?

Virtual machine scale sets Signup and view all the answers

What does the Azure function app handle in the FortiGate Autoscale deployment?

All of the above Signup and view all the answers

What information is stored in the tables of Cosmos DB in the FortiGate Autoscale deployment?

All of the above Signup and view all the answers

What is one of the options to create a site-to-site IPsec VPN connection with Azure using FortiGate?

FortiGate in your local network Signup and view all the answers

Which component is required for the FortiGate Active-Passive H-A with Fabric Connector deployment?

One V-NET with one protected subnet Signup and view all the answers

What is the purpose of the first public IP in the FortiGate Active-Passive H-A with Fabric Connector deployment?

Access through the active FortiGate Signup and view all the answers

What is the role of the SDN fabric connector in the FortiGate Active-Passive H-A with Fabric Connector deployment?

To facilitate failover Signup and view all the answers

What protocol do the two FortiGate VMs use to synchronize the configuration in the active-passive deployment?

FortiGate Clustering Protocol (FGCP) Signup and view all the answers

Why is the active-passive deployment with the Azure load balancer the preferred option?

Both faster failover time and easier management Signup and view all the answers

What must be done after the deployment of the FortiGate Active-Passive H-A with Fabric Connector?

Apply the Reader role to the Azure Subscription Signup and view all the answers

What is the purpose of the two additional public IPs in the FortiGate Active-Passive H-A with Fabric Connector deployment?

Management access Signup and view all the answers

What is the main advantage of using the FortiGate Active-Passive H-A with Fabric Connector deployment?

Customizable traffic inspection Signup and view all the answers

Why is the FortiGate Active-Passive H-A with Fabric Connector deployment not used very frequently?

Longer failover time Signup and view all the answers

What is the purpose of the user-defined routes (UDRs) in the FortiGate Active-Passive H-A with Fabric Connector deployment?

To customize traffic routing Signup and view all the answers

Which two options are available for establishing a site-to-site IPsec VPN with your Azure network?

FortiGate in your local network and Azure VPN Gateway on the Azure side Signup and view all the answers

What is the recommended solution for ensuring the best protection and avoiding the administrative burden of managing multiple VPN platforms?

FortiGate in your local network and FortiGate VM on the Azure side Signup and view all the answers

What can you deploy on either end of the connection for scenarios that require high availability?

FortiGate H-A clusters Signup and view all the answers

What can you use to establish a site-to-site IPsec VPN with your Azure network if you want similar results with either option?

FortiGate in your local network and FortiGate VM on the Azure side Signup and view all the answers

Which option is recommended for ensuring the best protection and avoiding the administrative burden of managing multiple VPN platforms?

FortiGate in your local network and FortiGate VM on the Azure side Signup and view all the answers

What is the purpose of deploying FortiGate H-A clusters on either end of the connection?

To provide high availability Signup and view all the answers

Which option is recommended for scenarios that require high availability?

FortiGate H-A clusters Signup and view all the answers

Which option is recommended for establishing a site-to-site IPsec VPN with your Azure network if you want the best protection and want to avoid managing multiple VPN platforms?

FortiGate in your local network and FortiGate VM on the Azure side Signup and view all the answers

What is the purpose of using FortiGate on both ends of the connection?

To ensure the best protection and avoid the administrative burden of managing multiple VPN platforms Signup and view all the answers

What is the purpose of using FortiGate in your local network and FortiGate VM on the Azure side?

To establish a site-to-site IPsec VPN with your Azure network Signup and view all the answers

FortiGate Active-Passive High Availability (H-A) Quiz

Choose a study mode

Podcast

Questions and Answers

Which component is required in the environment for an active-passive deployment of FortiGate VMs?

What is the purpose of the external Azure standard load balancer in the FortiGate setup?

How many public IPs are used in the FortiGate setup for management access?

What is the purpose of UDRs in the FortiGate setup?

How do the FortiGate VMs communicate with each other in the active-passive deployment?

What is the recommended method to avoid asymmetric routing in the FortiGate setup?

What is required to deploy FortiGate VMs for Azure Autoscale?

What does the Azure function app handle in the FortiGate Autoscale deployment?

What information is stored in the tables of Cosmos DB in the FortiGate Autoscale deployment?

What is one of the options to create a site-to-site IPsec VPN connection with Azure using FortiGate?

Which component is required for the FortiGate Active-Passive H-A with Fabric Connector deployment?

What is the purpose of the first public IP in the FortiGate Active-Passive H-A with Fabric Connector deployment?

What is the role of the SDN fabric connector in the FortiGate Active-Passive H-A with Fabric Connector deployment?

What protocol do the two FortiGate VMs use to synchronize the configuration in the active-passive deployment?

Why is the active-passive deployment with the Azure load balancer the preferred option?

What must be done after the deployment of the FortiGate Active-Passive H-A with Fabric Connector?

What is the purpose of the two additional public IPs in the FortiGate Active-Passive H-A with Fabric Connector deployment?

What is the main advantage of using the FortiGate Active-Passive H-A with Fabric Connector deployment?

Why is the FortiGate Active-Passive H-A with Fabric Connector deployment not used very frequently?

What is the purpose of the user-defined routes (UDRs) in the FortiGate Active-Passive H-A with Fabric Connector deployment?

Which two options are available for establishing a site-to-site IPsec VPN with your Azure network?

What is the recommended solution for ensuring the best protection and avoiding the administrative burden of managing multiple VPN platforms?

What can you deploy on either end of the connection for scenarios that require high availability?

What can you use to establish a site-to-site IPsec VPN with your Azure network if you want similar results with either option?

Which option is recommended for ensuring the best protection and avoiding the administrative burden of managing multiple VPN platforms?

What is the purpose of deploying FortiGate H-A clusters on either end of the connection?

Which option is recommended for scenarios that require high availability?

Which option is recommended for establishing a site-to-site IPsec VPN with your Azure network if you want the best protection and want to avoid managing multiple VPN platforms?

What is the purpose of using FortiGate on both ends of the connection?

What is the purpose of using FortiGate in your local network and FortiGate VM on the Azure side?

More Like This

FortiGate Conserve Mode Quiz

FortiGate Automation Testing

FortiGate VMs for Azure Autoscale

FortiGate VMs and User-Defined Routes (UDRs)

Upgrade to continue