Fortinet FCP_FAZ_AD-7.4 Practice Exams
- Exam code: FCP_FAZ_AD-7.4
- Exam name: FCP - FortiAnalyzer 7.4 Administrator
- Certification provider: Fortinet
- Last updated on: 26.04.2025
Which log type does the FortiAnalyzer indicators of compromise feature use to identify infected hosts?
- A . Antivirus logs
- B . Web filter logs
- C . IPS logs
- D . Application control logs
Which statement is true when you are upgrading the firmware on an HA cluster made up of three FortiAnalyzer devices?
- A . You can perform the firmware upgrade using only a console connection.
- B . All FortiAnalyzer devices will be upgraded at the same time.
- C . Enabling uninterruptible-upgrade prevents normal operations from being interrupted during the upgrade.
- D . First, upgrade the secondary devices, and then upgrade the primary device.
An administrator, fortinet, can view logs and perform device management tasks, such as adding and removing registered devices. However, administrator fortinet is not able to create a mail server that can be used to send alert emails.
What can be the problem?
- A . ADOM mode is configured with Advanced mode.
- B . A trusted host is configured.
- C . fortinet is assigned the default Standard_User administrative profile.
- D . fortinet is assigned the default Restricted_User administrative profile.
Which statement correctly describes RAID 10 (1+0) on FortiAnalyzer?
- A . A configuration with four disks, each with 2 TB of capacity, provides a total space of 4 TB.
- B . It combines mirroring, striping, and distributed parity to provide performance and fault tolerance.
- B . A configuration with four disks, each with 2 TB of capacity, provides a total space of 2 TB.
- C . It uses striping to provide performance and fault tolerance.
View the exhibit:
What does the 1000MB maximum for disk utilization refer to?
- A . The disk quota for the FortiAnalyzer model
- B . The disk quota for all devices in the ADOM
- C . The disk quota for each device in the ADOM
- D . The disk quota for the ADOM type
For which two purposes would you use the command set log checksum? (Choose two.)
- A . To help protect against man-in-the-middle attacks during log upload from FortiAnalyzer to an SFTP server
- B . To prevent log modification or tampering
- C . To encrypt log communications
- D . To send an identical set of logs to a second logging server
After you have moved a registered logging device out of one ADOM and into a new ADOM, what is the purpose of running the following CLI command?
execute sql-local rebuild-adom <new-ADOM-name>
- A . To reset the disk quota enforcement to default
- B . To remove the analytics logs of the device from the old database
- C . To migrate the archive logs to the new ADOM
- D . To populate the new ADOM with analytical logs for the moved device, so you can run reports
Which two statements regarding FortiAnalyzer log forwarding modes are true? (Choose two.)
- A . Both modes, forwarding and aggregation, support encryption of logs between devices.
- B . In aggregation mode, you can forward logs to syslog and CEF servers.
- C . Forwarding mode forwards logs in real time only to other FortiAnalyzer devices.
- D . Aggregation mode stores logs and content files and uploads them to another FortiAnalyzer device at a scheduled time.
You are trying to initiate an authorization request from FortiGate to FortiAnalyzer, but the Security Fabric window does not open when you click Authorize.
Which two reasons can cause this to happen? (Choose two.)
- A . A pre-shared key needs to be established on both sides.
- B . The management computer does not have connectivity to the authorization IP address and port combination.
- C . The Security Fabric root is unauthorized and needs to be added as a trusted host.
- D . The fabric authorization settings on FortiAnalyzer are misconfigured.
What are offline logs on FortiAnalyzer?
- A . Compressed logs, also known as archive logs
- B . Logs that are indexed and stored in the SQL database
- C . Any logs collected from offline devices after they boot up
- D . Real-time logs that are not yet indexed