View all questions & answers for the NSE 6 – LAN Edge 7.6 Architect Exam Materials exam


NSE 6 – LAN Edge 7.6 Architect Exam Materials-Question 44 Discussion
Comment Image Comment Image Comment Image

When the MAC address of a device is placed in quarantine on FortiSwitch, what happens to its egress traffic? (Choose one answer)

  • A. Traffic is sent as untagged traffic.
  • B. Traffic is assigned to the native VLAN.
  • C. Traffic is sent to an allowed VLAN.
  • D. Traffic is sent to an access VLAN.
Correct Answer: D

Brave-Dump Clients Votes

D 50%
C 50%

Comments



Anonymous User 2026-04-01 14:48:31

Selected Answers: D


Guess it should be D: "Access VLAN" (see p. 129 Study Guide) is a specific Fortinet feature to isolate devices within a VLAN. This feature is enabled by default on the quarantine VLAN.

Anonymous User 2026-05-28 15:28:19

Selected Answers: D


p129 quarantine is access vlan

Anonymous User 2026-06-03 18:48:04

Selected Answers: C


When a device's MAC address is quarantined on a FortiSwitch, its traffic must be isolated. In the FortiSwitch architecture, once a quarantine VLAN is configured, the egress traffic from the affected device is automatically redirected to the quarantine VLAN.

Correct answer: C. Traffic is sent to an allowed VLAN.

Technical Explanation
In a FortiSwitch environment managed by FortiGate, the NAC (Network Access Control) quarantine process functions as follows:

Isolation: When a device is quarantined, the existing VLAN assignment on the FortiSwitch port is overridden.

VLAN Redirection: The FortiSwitch redirects the device's traffic exclusively to a specific "allowed" VLAN designated for quarantine (Quarantine VLAN). This VLAN typically restricts access to the internet or internal critical resources, providing only monitoring capabilities or limited connectivity.

Why C? The term "Allowed VLAN" in the options refers to the target VLAN defined within the quarantine profile in the FortiSwitch configuration. The switch tags the device's traffic with this "allowed" (quarantine) VLAN ID, ensuring that only this specific path is used for its egress traffic.

Anonymous User 2026-06-03 19:17:00

Selected Answers: C


When the quarantine feature is enabled on the FortiGate unit, it creates a quarantine VLAN (qtn.<FortiLink_port_name>) and a quarantine DHCP server (with the quarantine VLAN as default gateway) on the virtual domain. The quarantine VLAN is applied to the allowed and untagged VLANs on all connected FortiSwitch ports.

https://docs.fortinet.com/document/fortiswitch/7.4.1/fortilink-guide/173282/quarantines