PrepAway - Latest Free Exam Questions & Answers

Which security design would you use?

A customer wants to secure the network shown in the exhibit with a full redundancy design.
Which security design would you use?

PrepAway - Latest Free Exam Questions & Answers

A.
Place a FortiGate FGCP Cluster between DD and AA, then connect it to SW1, SW2, SW3, and SW4.

B.
Place a FortiGate FGCP Cluster between BB and CC, then connect it to SW1, SW2, SW3, and SW4.

C.
Place a FortiGate FGCP Cluster between BB and AA, then connect it to SW1, SW2, SW3, and SW4.

D.
Place a FortiGate FGCP Cluster between DD and FF, then connect it to SW1, SW2, SW3, and SW4.

4 Comments on “Which security design would you use?

    1. Whatever says:

      Because it leaves your two switches (SW3 and SW4) unprotected. I think they were trying to be tricky with this one. You’re thinking north and south switches which is common meaning SW1 and SW2 are LAN-side switches whilst SW3 and SW4 are WAN-side switches, but that is not specified anywhere to be the case. Thus you have to assume you protect all 4 switches, and the only one that does all that is from AA to DD, though still not a great design and not one that I would do.




      0



      0
      1. Whatever says:

        Alright so this one bugged me all night and I went and researched “full mesh HA” with FortiGates and… lo and behold, I think very much the answer they are looking for was CC and BB. If you look at http://help.fortinet.com/fos50hlp/54/Content/FortiOS/fortigate-high-availability-52/HA_full_meshExample.htm it shows almost this same configuration.

        I was thinking AA and DD because it was the only way you could potentially have all four switches behind a FGT but, the more I thought about that the more I realized I was letting the supposed “right” answer skew my thinking that my instinct was wrong. So Rolf, I stand corrected.




        0



        0

Leave a Reply to Whatever Cancel reply

Your email address will not be published. Required fields are marked *