20+ practice questions focused on High Availability and Diagnostics — one of the most tested topics on the Fortinet NSE 4 Network Security Professional NSE4 exam. Each question includes a detailed explanation so you learn why the right answer is correct.
Start High Availability and Diagnostics PracticeA network engineer is configuring an SD-WAN rule to steer voice traffic to the MPLS link with the lowest latency. The SLA target is set to latency < 50 ms and jitter < 10 ms. However, the MPLS link occasionally exceeds the latency threshold. What should the engineer do to ensure voice traffic uses the best available link without manual intervention?
Explanation: Option B is correct because configuring a secondary strategy (e.g., fallback to broadband) allows the SD-WAN rule to automatically steer voice traffic to the best available link when the primary MPLS link fails the SLA (latency > 50 ms). This ensures continuous SLA compliance without manual intervention, leveraging Fortinet's SD-WAN dynamic path selection based on real-time performance metrics.
An administrator has two FortiGate units in an active-passive HA cluster. The cluster is configured to use the heartbeat interface port3. During a failover test, the primary unit fails but the secondary does not take over. What is the most likely cause?
Explanation: In an active-passive HA cluster, the secondary unit monitors the primary's health via the heartbeat interface. If the heartbeat interface (port3) is down on the secondary, it cannot receive or send heartbeat packets, so it will not detect the primary's failure and will not initiate a failover. This is the most direct cause of the secondary not taking over.
A company has two remote sites connected via an SD-WAN overlay. The headquarters uses a FortiGate with two WAN links: Fiber (priority 1) and LTE (priority 2). The SD-WAN rule for business-critical traffic uses the 'best quality' strategy with SLA targets for latency and jitter. The fiber link occasionally experiences high jitter but low latency. The engineer notices that traffic is not failing over to LTE even when jitter exceeds the threshold. What is the most likely reason?
Explanation: Option A is correct because the SD-WAN rule uses the 'best quality' strategy, which selects the best link based on configured SLA metrics. If only latency is configured in the performance SLA, jitter exceeding the threshold will not trigger a failover, as the SLA only evaluates the configured metrics. The fiber link may still meet the latency SLA, so traffic remains on it despite high jitter.
In an active-active HA cluster, which of the following must be identical on both FortiGate units?
Explanation: In an active-active HA cluster, the virtual cluster ID must be identical on both FortiGate units because it defines the cluster group and ensures that only units with the same ID can form an HA cluster. This ID is used in heartbeat packets to verify cluster membership and prevent accidental merging of separate clusters. Without a matching virtual cluster ID, the units will not recognize each other as part of the same HA group.
An SD-WAN rule is configured with a 'manual' strategy and multiple members. The engineer wants to ensure that voice traffic always uses the MPLS link as long as it meets the SLA, otherwise use the broadband link. Which configuration is required?
Explanation: Option B is correct because a manual strategy with ordered members and an SLA check allows the SD-WAN rule to first attempt the MPLS link; if the SLA is met, traffic uses MPLS, and if the SLA fails, the rule automatically fails over to the next member (broadband). This directly implements the engineer's requirement of 'MPLS if SLA met, otherwise broadband.'
+15 more High Availability and Diagnostics questions available
Practice all High Availability and Diagnostics questions1. Baseline your knowledge
Start with 10 questions to gauge your current understanding of High Availability and Diagnostics. This tells you whether you need a concept refresher or just practice.
2. Review every explanation
For each question — right or wrong — read the full explanation. Understanding why an answer is correct is more valuable than knowing the answer itself.
3. Focus on exam traps
High Availability and Diagnostics questions on the NSE4 frequently use trap wording. Look for subtle differences in answers that test your precision, not just general knowledge.
4. Reach 80% consistently
Do repeated sessions until you score 80%+ three times in a row. Then move to mixed-mode practice to test cross-topic recall under realistic conditions.
The exact number varies per candidate. High Availability and Diagnostics is tested as part of the Fortinet NSE 4 Network Security Professional NSE4 blueprint. Practicing with targeted High Availability and Diagnostics questions ensures you can handle any format or difficulty that appears.
Yes. Courseiva provides free NSE4 practice questions across all exam topics and domains. The platform includes topic-based practice, mock exams, missed-question review, bookmarked questions, and readiness tracking — no account required.
Difficulty is subjective, but High Availability and Diagnostics is a high-priority exam concept tested in multiple ways — direct recall, scenario analysis, and command-output interpretation. Consistent practice is the best way to build confidence.
Launch a full High Availability and Diagnostics practice session with instant scoring and detailed explanations.
Start High Availability and Diagnostics Practice →