ExamTopics Logo
Mail Us[email protected]
Menu
Fortinet Discussions
exam questions

Exam NSE7_PBC-6.4 All Questions

View all questions & answers for the NSE7_PBC-6.4 exam
Go to Exam

Exam NSE7_PBC-6.4 topic 1 question 2 discussion

Actual exam question from Fortinet's NSE7_PBC-6.4
Question #: 2
Topic #: 1
[All NSE7_PBC-6.4 Questions]

You have been tasked with deploying FortiGate VMs in a highly available topology on the Amazon Web Services (AWS) cloud. The requirements for your deployment are as follows:
* You must deploy two FortiGate VMs in a single virtual private cloud (VPC), with an external elastic load balancer which will distribute ingress traffic from the internet to both FortiGate VMs in an active-active topology.
* Each FortiGate VM must have two elastic network interfaces: one will connect to a public subnet and other will connect to a private subnet.
* To maintain high availability, you must deploy the FortiGate VMs in two different availability zones.
How many public and private subnets will you need to configure within the VPC?

  • A. One public subnet and two private subnets
  • B. Two public subnets and one private subnet
  • C. Two public subnets and two private subnets
  • D. One public subnet and one private subnet
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by RueDizz at March 31, 2022, 9:36 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
smahah
2 years, 5 months ago
Selected Answer: C
"Each subnet must reside entirely within one Availability Zone and cannot span zones" from AWS documentation (https://docs.aws.amazon.com/vpc/latest/userguide/configure-subnets.html). Since we need to deploy in 2 AZs -> 1 pub and 1 priv subnet for each AZ
upvoted 2 times
...
charruco
2 years, 7 months ago
Selected Answer: C
C. Two public subnets and two private subnets https://github.com/fortinet/aws-cloudformation-templates/blob/master/LambdaAA-RouteFailover/6.0/README.md
upvoted 1 times
...
elgato01
3 years, 1 month ago
Selected Answer: C
Official documentation: https://docs.fortinet.com/document/fortigate-public-cloud/6.4.0/aws-administration-guide/682830/deploying-and-configuring-fortigate-vm-active-active-ha which takes you here: https://github.com/fortinet/aws-cloudformation-templates/tree/master/LambdaAA-RouteFailover/6.0 where it states that two by two
upvoted 3 times
...
Thusi26
3 years, 1 month ago
A should be correct if you think logically. After a Failover FortiGate B needs to send out the traffic through the samen Internal / external IP / subnet.
upvoted 1 times
...
Gallego
3 years, 1 month ago
Selected Answer: C
C is correct. You need 1 private and 1 public subnet for each AZ. You need to deploy it in 2 AZ's (same VPC) so you need 2 private and 2 public
upvoted 1 times
...
rteo82
3 years, 1 month ago
C is correct https://github.com/fortinet/aws-cloudformation-templates/blob/master/LambdaAA-RouteFailover/6.0/README.md
upvoted 1 times
...
RueDizz
3 years, 3 months ago
Selected Answer: A
A. One public subnet and two private subnets
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel