Fortinet NSE 5 - FortiNAC-F 7.6 Administrator NSE5_FNC_AD_7.6 Question # 14 Topic 2 Discussion

NSE5_FNC_AD_7.6 Exam Topic 2 Question 14 Discussion:

Question #: 14

Topic #: 2

When preparing network infrastructure devices for visibility, what are the two main advantages of using MAC notification traps on supported devices instead of link-up and link-down traps? (Choose two.)

MAC notification traps include IP address information.

Overhead on FortiNAC-F and the infrastructure device is reduced.

Hosts connecting to downstream non-managed hubs are immediately learned.

Faster visibility updates with only a slight increase in processing.

Get Premium NSE5_FNC_AD_7.6 Questions

Explanation

Comprehensive and Detailed Explanation From Exact Extract of FortiNAC-F 7.6 Administrator Guide or Knowledge:

Exact Extract:

The FortiNAC-F study guide states that MAC notification traps are preferred because FortiNAC-F does not need to connect back to the infrastructure device every time a link-up or link-down trap is received. The required MAC and port information is already included in the MAC notification trap, which makes database updates faster and uses fewer resources. It also states that hosts and devices connected through hubs or IP phones are seen immediately, even when the downstream device cannot generate link-up or link-down traps.

Technical Deep Dive:

The correct answers are B and C . With link-up/link-down traps, the trap only tells FortiNAC-F that an interface changed state. FortiNAC-F then has to perform an L2 poll against the switch forwarding table to discover which MAC address appeared or disappeared. That means extra SNMP/CLI activity, more delay, and more processing on both FortiNAC-F and the switch. The guide confirms that link traps trigger FortiNAC-F to perform a Layer 2 poll, while MAC notification traps directly contain the learned or removed MAC address and associated port.

Option A is wrong because MAC notification traps are Layer 2 visibility events. They identify MAC address and port , not IP address. IP-to-MAC correlation comes from Layer 3 polling or DHCP fingerprinting, not MAC notification traps. Option D is badly worded and should not be selected: MAC notification traps do provide faster updates, but the processing overhead is reduced, not slightly increased.

Operationally, on supported switches you enable SNMP traps for MAC address-table changes and point the trap destination to FortiNAC-F. On Cisco-style infrastructure, this is usually done with commands such as snmp-server host < FortiNAC-IP > version 2c < community > plus MAC notification trap configuration. Do not enable MAC notification traps on uplinks, because uplinks learn many downstream MAC addresses and would create misleading endpoint-location data.

Actual exam question for Fortinet NSE5_FNC_AD_7.6 exam by Xander5690 at May 24, 2026, 12:09:35 AM

Contribute your Thoughts:

Chosen Answer: A B C D
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.

Pre-Summer Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: force70

Fortinet NSE 5 - FortiNAC-F 7.6 Administrator NSE5_FNC_AD_7.6 Question # 14 Topic 2 Discussion

Fortinet NSE 5 - FortiNAC-F 7.6 Administrator NSE5_FNC_AD_7.6 Question # 14 Topic 2 Discussion

Correct Answer:

Options Selected by Other Users:

Contribute your Thoughts:

Pre-Summer Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: force70

Fortinet NSE 5 - FortiNAC-F 7.6 Administrator NSE5_FNC_AD_7.6 Question # 14 Topic 2 Discussion

Fortinet NSE 5 - FortiNAC-F 7.6 Administrator NSE5_FNC_AD_7.6 Question # 14 Topic 2 Discussion

Correct Answer:

Options Selected by Other Users:

Contribute your Thoughts:

Awaiting moderator approval