Lesson 14

Question 1

Active/active failover requires the use of ______

Answer 1

contexts

Question 2

In _________failover, the firewalls still alternate their roles so that one unit is active and one is in standby .

Answer 2

active - active

Question 3

_______ command on the standby firewall to cause failover.

_______ command is used on the active firewall to cause failover.

Answer 3

failover active

no failover active

Question 4

If the firewall does not receive hello messages ( keep - alives ), after retrying twice 3 consecutive hellos missed (a user - configurable value), then the firewall runs the following tests on that particular interface:

Answer 4

Link Up/Down test

Network Activity test (Arp / broadcast)

Question 5

The unit poll time - amount of time between hello messages - default is _ second

Answer 5

One

Question 6

The unit hold time is __ seconds. Sets the time during which a unit must receive a hello message on the failover link, after which the peer unit is declared failed.

Answer 6

15

Question 7

The interface poll time is _ seconds.
The interface hold time is __ seconds
.

Answer 7

5

25

Question 8

If a failover occurs, the current standby unit promotes itself to the active role and changes its ____________ on the data interfaces to match those of the primary .

Answer 8

IP and MAC addresses

Question 9

When stateful failover is used, the following state information is replicated to the standby firewall :

Answer 9

– xlate tables with static and dynamic translations
– TCP and UDP connection tables
– ISAKMP and IPsec security association tables
– System clock and uptime information.

Question 10

By default, HTTP session information is not replicated. It needs to be enabled manually (use the ___________ command). Also, DHCP leases and routing tables are not replicated.

Answer 10

failover replication http