With active/standby failover, what happens if the standby Cisco ASA does not receive three consecutive hello messages from the active Cisco ASA on the LAN
failover interface?
A.
The standby ASA immediately becomes the active ASA.
B.
The standby ASA eventually becomes the active ASA after three times the hold-down timer interval expires.
C.
The standby ASA runs network activity tests, including ARP and ping, to determine if the active ASA has failed.
D.
The standby ASA sends additional hellos packets on all monitored interfaces, including the LAN failover interface, to determine if the active ASA has failed.
E.
Both ASAs go to the “unknown” state until the LAN interface becomes operational again.
Explanation:
http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/ha_overview.html
Unit Health Monitoring The ASA determines the health of the other unit by monitoring the failover link. When a unit does not receive three consecutive hellomessages on the failover link, the unit sends interface hello messages on each interface, including the failover interface, to validate whether or not the peer
interface is responsive. The action that the ASA takes depends upon the response from the other unit. See the following possible actions:
·If the ASA receives a response on the failover interface, then it does not fail over. ·If the ASA does not receive a response on the failover link, but it does receive a
response on another interface, then the unit does not failover. The failover link is marked as failed. You should restore the failover link as soon as possible because
the unit cannot fail over to the standby while the failover link is down.
·If the ASA does not receive a response on any interface, then the standby unit switches to active mode and classifies the other unit as failed.