Pass the Fortinet Fortinet Certified Professional Network Security FCP_FAZ_AD-7.4 Questions and answers with CertsForce

Viewing page 3 out of 6 pages
Viewing questions 21-30 out of questions
Questions # 21:

What is the purpose of a dataset query in FortiAnalyzer?

Options:

A. It sorts log data into tables
B. It extracts the database schema
C. It retrieves log data from the database
D. It injects log data into the database


Questions # 22:

An administrator, fortinet, is able to view logs and perform device management tasks, such as adding and removing registered devices. However, administrator fortinet is not able to create a mail server that can be used to send email.

What could be the problem?

Options:

A. Fortinet is assigned the Standard_User administrator profile.
B. A trusted host is configured.
C. ADOM mode is configured with Advanced mode.
D. Fortinet is assigned the Restricted_User administrator profile.


Questions # 23:

What happens when the IOC breach detection engine on FortiAnalyzer finds web logs that match a blocklisted IP address?

Options:

A. The endpoint is marked as Compromised and, optionally, can be put in quarantine.
B. FortiAnalyzer flags the associated host for further analysis.
C. A new Infected entry is added for the corresponding endpoint.
D. The detection engine classifies those logs as Suspicious


Questions # 24:

Which two statements are true regarding FortiAnalyzer operating modes? (Choose two.)

Options:

A. When in collector mode, FortiAnalyzer collects logs from multiple devices and forwards these logs in the original binary format.
B. Collector mode is the default operating mode.
C. When in collector mode, FortiAnalyzer supports event management and reporting features.
D. By deploying different FortiAnalyzer devices with collector and analyzer mode in a network, you can improve the overall performance of log receiving, analysis, and reporting


Questions # 25:

Logs are being deleted from one of your ADOMs earlier than the configured setting for archiving in your data policy. What is the most likely problem?

Options:

A. The total disk space is insufficient and you need to add another disk.
B. CPU resources are too high.
C. The ADOM disk quota is set too low based on log rates.
D. Logs in that ADOM are being forwarded in real-time to another FortiAnalyzer device.


Questions # 26:

What is required to authorize a FortiGate on FortiAnalyzer using Fabric authorization?

Options:

A. A FortiGate ADOM
B. The FortiGate serial number
C. A pre-shared key
D. Valid FortiAnalyzer credentials


Questions # 27:

What must you consider when using log fetching? (Choose two.)

Options:

A. The fetch client can retrieve logs from devices that are not added to its local Device Manager
B. You can use filters to include only logs from a single device.
C. The fetching profile must include a user with the Super_User profile.
D. The archive logs retrieved from the server become archive logs in the client.


Questions # 28:

View the exhibit.

Why is the total quota less than the total system storage?

Options:

A. 3.6% of the system storage is already being used.
B. Some space is reserved for system use, such as storage of compression files, upload files, and temporary report files
C. The oftpd process has not archived the logs yet
D. The logfiled process is just estimating the total quota


Questions # 29:

Which two statements about creating ADOMs are true? (Choose two.)

Options:

A. An administrator with the default Standard_User profile can create ADOMs.
B. Disk quotas can be defined per device inside the ADOM.
C. FortiAnalyzer creates default ADOMs when ADOMs are enabled.
D. The ADOM type you create must match the device type you are planning to add.


Questions # 30:

What is the purpose of employing RAID with FortiAnalyzer?

Options:

A. To introduce redundancy to your log data
B. To provide data separation between ADOMs
C. To separate analytical and archive data
D. To back up your logs

