1. Home
  2. Fortinet
  3. Fortinet Certified Professional Network Security
  4. FCP_FAZ_AD-7.4
  5. FCP - FortiAnalyzer 7.4 Administrator Questions and Answers

Pass the Fortinet Fortinet Certified Professional Network Security FCP_FAZ_AD-7.4 Questions and answers with CertsForce

 Fortinet Exams      Go to Exam Detail      Get Premium Access
Viewing page 5 out of 6 pages
Viewing questions 41-50 out of questions
Questions # 41:

An administrator, fortinet, can view logs and perform device management tasks, such as adding and removing registered devices. However, administrator fortinet is not able to create a mail server that can be used to send alert emails.

What can be the problem?

Options:
A.

ADOM mode is configured with Advanced mode.

B.

A trusted host is configured.

C.

fortinet is assigned the default Standard_User administrative profile.

D.

fortinet is assigned the default Restricted_User administrative profile.

Expert Solution
Questions # 42:

What must you configure on FortiAnalyzer to upload a FortiAnalyzer report to a supported external server?

(Choose two.)

Options:
A.

SFTP, FTP, or SCP server

B.

Mail server

C.

Output profile

D.

Report scheduling

Expert Solution
Questions # 43:

How can you configure FortiAnalyzer to permit administrator logins from only specific locations?

Options:
A.

Use static routes

B.

Use administrative profiles

C.

Use trusted hosts

D.

Use secure protocols

Expert Solution
Questions # 44:

Refer to the exhibit.

Question # 44

The capture displayed was taken on a FortiAnalyzer.

Why is a single IP address shown as the source for all logs received?

Options:
A.

FortiAnalyzer is using the device MAC addresses to differentiate their logs.

B.

The logs belong to devices that are part of a high availability (HA) cluster.

C.

FortiAnalyzer is receiving logs from the root FortiGate of a Security Fabric.

D.

The device sending logs has two VDOMs in the same ADOM.

Expert Solution
Questions # 45:

Which SQL query is in the correct order to query the database in the FortiAnslyzer?

Options:
A.

SELECT devid FROM Slog GROOP BY devid WHERE * user' =* USERl'

B.

SELECT devid WHERE 'u3er'='USERl' FROM $ log GROUP BY devid

C.

SELECT devid FROM Slog- WHERE *user' =' USERl' GROUP BY devid

D.

FROM Slog WHERE 'user* =' USERl' SELECT devid GROUP BY devid

Expert Solution
Questions # 46:

Which two of the following must you configure on FortiAnalyzer to email a FortiAnalyzer report externally?

(Choose two.)

Options:
A.

Mail server

B.

Output profile

C.

SFTP server

D.

Report scheduling

Expert Solution
Questions # 47:

You need to upgrade your FortiAnalyzer firmware.

What happens to the logs being sent to FortiAnalyzer from FortiGate during the time FortiAnalyzer is

temporarily unavailable?

Options:
A.

FortiAnalyzer uses log fetching to retrieve the logs when back online

B.

FortiGate uses the miglogd process to cache the logs

C.

The logfiled process stores logs in offline mode

D.

Logs are dropped

Expert Solution
Questions # 48:

Refer to the exhibit.

Question # 48

Based on the partial outputs displayed, which devices can be members of a FortiAnalyzer Fabric?

Options:
A.

FortiAnalyzerl and FortiAnalyzer3

B.

FortiAnalyzer1 and FortiAnalyzer2

C.

All devices listed can be members

D.

FortiAnalyzer2 and FortiAnalyzer3

Expert Solution
Questions # 49:

Which log will generate an event with the status Contained?

Options:
A.

An IPS log with action=pass.

B.

A WebFilter log with action=dropped.

C.

An AV log with action=quarantine.

D.

An AppControl log with action=blocked.

Expert Solution
Questions # 50:

Which statement describes online logs on FortiAnalyzer?

Options:
A.

Logs that reached a specific size and were rolled over

B.

Logs that can be used to create reports

C.

Logs that can be viewed using Log Browse

D.

Logs that are saved to disk, compressed, and available in FortiView

Expert Solution
Viewing page 5 out of 6 pages
Viewing questions 41-50 out of questions