Practice Free FCP_FAZ_AN-7.4 Exam Online Questions
Which two remote servers are supported for the upload of FortiAnalyzer local logs? (Choose two.)
- A . FTP
- B . SFTP
- C . UDP
- D . TCP
Refer to the exhibit.
What is the purpose of using the Chart Builder feature on FortiAnalyzer?
- A . In Log View, this feature allows you to build a chart and chart automatically, on the top 100 log entries.
- B . In Log View, this feature allows you to build a dataset and chart automatically, based on the filtered search results.
- C . This feature allows you to build a chart under FortiView.
- D . You can add charts to generated reports using this feature.
What is the best approach to handle a hard disk failure on a FortiAnalyzer that supports hardware RAID?
- A . Hot swap the disk.
- B . There is no need to do anything because the disk will self-recover.
- C . Shut down FortiAnalyzer and replace the disk.
- D . Run execute format disk to format and restart the FortiAnalyzer device.
Which two statements are true regarding FortiAnalyzer log forwarding? (Choose two.)
- A . In aggregation mode, you can forward logs to syslog and CEF servers as well.
- B . Forwarding mode forwards logs in real time only to other FortiAnalyzer devices.
- C . Aggregation mode stores logs and content files and uploads them to another FortiAnalyzer device at a scheduled time.
- D . Both modes, forwarding and aggregation, support encryption of logs between devices.
You have recently grouped multiple FortiGate devices into a single ADOM. System Settings > Storage Info shows the quota used.
What does the disk quota refer to?
- A . The maximum disk utilization for each device in the ADOM
- B . The maximum disk utilization for the FortiAnalyzer model
- C . The maximum disk utilization for the ADOM type
- D . The maximum disk utilization for all devices in the ADOM
What can you do on FortiAnalyzer to restrict administrative access from specific locations?
- A . Configure trusted hosts for that administrator.
- B . Enable geo-location services on accessible interface.
- C . Configure two-factor authentication with a remote RADIUS server.
- D . Configure an ADOM for respective location.
Exhibit.
What does the data point at 12:20 indicate?
- A . The log insert lag time is increasing.
- B . FortiAnalyzer is using its cache to avoid dropping logs.
- C . The performance of FortiAnalyzer is below the baseline.
- D . The sqlplugind service is caught up with the logs.
What is the purpose of trigger variables?
- A . To display statistics about the playbook runtime
- B . To use information from the trigger to filter the action in a task
- C . To provide the trigger information to make the playbook start running
- D . To store the start times of playbooks with On_Schedule triggers
What happens when the IOC breach detection engine on FortiAnalyzer finds web logs that match a blocklisted IP address?
- A . The endpoint is marked as Compromised and, optionally, can be put in quarantine.
- B . FortiAnalyzer flags the associated host for further analysis.
- C . A new Infected entry is added for the corresponding endpoint.
- D . The detection engine classifies those logs as Suspicious
What is the purpose of the following CLI command?
- A . To encrypt log communications
- B . To add a unique tag to each log to prove that it came from this FortiAnalyzer
- C . To add the MD5 hash value and authentication code
- D . To add a log file checksum