Fortinet FCP_FAZ_AN-7.4 Practice Exams
Last updated on 26.04.2025
- Exam code: FCP_FAZ_AN-7.4
- Exam name: Fortinet FCP - FortiAnalyzer 7.4 Analyst
- Certification provider: Fortinet
What is the purpose of using prefilters when configuring event handlers?
- A. They download new filters to be used in event handlers.
- B. They limit which logs are checked for matches by the other filters.
- C. They are common filters applied simultaneously to all event handlers.
- D. They can filter the logs before they are processed by FortiAnalyzer.
Which statement correctly describes the management extensions available on FortiAnalyzer?
- A. Management extensions do not require additional licenses.
- B. Management extensions may require a minimum number of CPU cores to run.
- C. Management extensions allow FortiAnalyzer to act as a FortiSIEM supervisor.
- D. Management extensions require a dedicated VM for best performance.
When is the execution of a playbook considered failed?
- A. When the playbook is disabled
- B. When all the tasks fail
- C. When the playbook is imported from another ADOM
- D. When at least one of the tasks fails
After you have moved a registered logging device out of one ADOM and into a new ADOM, what is the purpose of running the following CLI command?
execute sql-local rebuild-adom <new-ADOM-name>
- A. To reset the disk quota enforcement to default
- B. To remove the analytics logs of the device from the old database
- C. To migrate the archive logs to the new ADOM
- D. To populate the new ADOM with analytical logs for the moved device, so you can run reports
You have recently grouped multiple FortiGate devices into a single ADOM. System Settings > Storage Info shows the quota used.
What does the disk quota refer to?
- A. The maximum disk utilization for each device in the ADOM
- B. The maximum disk utilization for the FortiAnalyzer model
- C. The maximum disk utilization for the ADOM type
- D. The maximum disk utilization for all devices in the ADOM
Which two items are downloaded automatically by the Outbreak Detection Service? (Choose two.)
- A. Incident template
- B. Customized playbook
- C. Event handler
- D. Report template
Which statement is true about sending notifications with incident updates?
- A. You can send notifications to multiple external platforms.
- B. If you use multiple fabric connectors, all connectors must have the same notification settings.
- C. Notifications can be sent only by email.
- D. Notifications can be sent only when an incident is updated or deleted.
Which two methods can you use to send event notifications when an event occurs that matches a configured event handler? (Choose two.)
- A. SMS
- B. Email
- C. SNMP
- D. IM
What is Log Insert Lag Time on FortiAnalyzer?
- A. The number of times in the logs where end users experienced slowness while accessing resources.
- B. The amount of lag time that occurs when the administrator is rebuilding the ADOM database.
- C. The amount of time that passes between the time a log was received and when it was indexed on FortiAnalyzer.
- D. The amount of time FortiAnalyzer takes to receive logs from a registered device.
An administrator has configured the following settings:
config system global
set log-checksum md5-auth
end
What is the significance of executing this command?
- A. This command records the log file MD5 hash value.
- B. This command records passwords in log files and encrypts them.
- C. This command encrypts log transfer between FortiAnalyzer and other devices.
- D. This command records the log file MD5 hash value and authentication code.