Month End Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmas50

Fortinet FCP_FAZ_AD-7.4 - FCP - FortiAnalyzer 7.4 Administrator

Fortinet FCP_FAZ_AD-7.4 Premium Access     Download Demo    
Page: 1 / 6
Total 183 questions

Refer to the exhibit.

The image displays the configuration of a FortiAnalyzer the administrator wants to join to an existing HA cluster.

What can you conclude from the configuration displayed?

A.

This FortiAnalyzer will join to the existing HA cluster as the primary.

B.

This FortiAnalyzer is configured to receive logs in its port1.

C.

This FortiAnalyzer will trigger a failover after losing communication with its peers for 10 seconds.

D.

After joining to the cluster, this FortiAnalyzer will keep an updated log database.

On the RAID management page, the disk status is listed as Initializing.

What does the status Initializing indicate about what the FortiAnalyzer is currently doing?

A.

FortiAnalyzer is ensuring that the parity data of a redundant drive is valid

B.

FortiAnalyzer is writing data to a newly added hard drive to restore it to an optimal state

C.

FortiAnalyzer is writing to all of its hard drives to make the array fault tolerant

D.

FortiAnalyzer is functioning normally

What is Log Insert Lag Time on FortiAnalyzer?

A.

The number of times in the logs where end users experienced slowness while accessing resources.

B.

The amount of lag time that occurs when the administrator is rebuilding the ADOM database.

C.

The amount of time that passes between the time a log was received and when it was indexed on FortiAnalyzer.

D.

The amount of time FortiAnalyzer takes to receive logs from a registered device

For proper log correlation between the logging devices and FortiAnalyzer, FortiAnalyzer and all registered

devices should:

A.

Use DNS

B.

Use host name resolution

C.

Use real-time forwarding

D.

Use an NTP server

Logs are being deleted from one of your ADOMs earlier that the configured setting for archiving in your data policy. What is the most likely problem?

A.

The total disk space is insufficient and you need to add other disk.

B.

CPU resources are too high.

C.

The ADOM disk quota is set too low based on log rates.

D.

Logs in that ADOM are being forwarded in real-time to another FortiAnalyzer device.

Which two statements regarding FortiAnalyzer log forwarding modes are true? (Choose two.)

A.

Both modes, forwarding and aggregation, support encryption of logs between devices.

B.

In aggregation mode, you can forward logs to syslog and CEF servers.

C.

Forwarding mode forwards logs in real time only to other FortiAnalyzer devices.

D.

Aggregation mode stores logs and content files and uploads them to another FortiAnalyzer device at a scheduled time.

Which two methods are the most common methods to control and restrict administrative access on FortiAnalyzer? (Choose two.)

A.

Virtual domains

B.

Administrative access profiles

C.

Trusted hosts

D.

Security Fabric

What happens when the IOC breach detection engine on FortiAnalyzer finds web logs that match a blocklisted IP address?

A.

The endpoint is marked as Compromised and. optionally, can be put in quarantine.

B.

FortiAnalyzer flags the associated host for further analysis.

C.

A new Infected entry is added for the corresponding endpoint.

D.

The detection engine classifies those logs as Suspicious

Which two statements are true regarding ADOM modes? (Choose two.)

A.

You can only change ADOM modes through CLI.

B.

In normal mode, the disk quota of the ADOM is fixed and cannot be modified, but in advance mode, the disk quota of the ADOM is flexible because new devices are added to the ADOM.

C.

In an advanced mode ADOM. you can assign FortiGate VDOMs from a single FortiGate device to multiple FortiAnalyzer ADOMs.

D.

Normal mode is the default ADOM mode.

The admin administrator is failing to register a FortiClient EMS on the FortiAnalyzer device.

What can be the reason for this failure?

A.

FortiAnalyzer is in an HA cluster.

B.

ADOM mode should be set to advanced, in order to register the FortiClient EMS device.

C.

ADOMs are not enabled on FortiAnalyzer.

D.

A separate license is required on FortiAnalyzer in order to register the FortiClient EMS device.