Practice Free FCP_FAZ_AN-7.4 Exam Online Questions
Which two external servers can you configure to validate administrator logins? (Choose two.)
- A . Syslog
- B . LDAP
- C . RADIUS
- D . Only locally by FortiAnalyzer
When you move a FortiGate device from one ADOM to a new ADOM, what is the purpose of rebuilding the new ADOM database?
- A . To migrate the archive logs to the new ADOM
- B . To reset the disk quota enforcement to default
- C . To remove the device’s analytics logs from the old ADOM
- D . To run reports on the device’s analytics logs in the new ADOM
Why should you use an NTP server on FortiAnalyzer and all registered devices that log into FortiAnalyzer?
- A . To properly correlate logs
- B . To use real-time forwarding
- C . To resolve host names
- D . To improve DNS response times
How are logs forwarded when FortiAnalyzer is using aggregation mode?
- A . Logs are forwarded as they are received and content files are uploaded at a scheduled time.
- B . Logs and content files are stored and uploaded at a scheduled time.
- C . Logs are forwarded as they are received.
- D . Logs and content files are forwarded as they are received.
Which database language does FortiAnalyzer support for the purposes of logging and reporting?
- A . LDAP
- B . SSH
- C . SQL
- D . XML
An administrator has configured the following settings:
config system fortiview settings
    set resolve-ip enable
end
What is the significance of executing this command?
- A . Use this command only if the source IP addresses are not resolved on FortiGate.
- B . It resolves the source and destination IP addresses to a hostname in FortiView on FortiAnalyzer.
- C . You must configure local DNS servers on FortiGate for this command to resolve IP addresses on FortiAnalyzer.
- D . It resolves the destination IP address to a hostname in FortiView on FortiAnalyzer.
A FortiAnalyzer device could use which security method to secure the transfer of log data from FortiGate devices?
- A . SSL
- B . IPSec
- C . Direct serial connection
- D . S/MIME
Refer to the exhibit.
Laptop1 is used by several administrators to manage FortiAnalyzer. You want to configure a generic text filter that matches all login attempts to the web interface generated by any user other than "admin" and coming from Laptop1.
Which filter will achieve the desired result?
- A . operation~login & performed_on=="GUI(10.1.1.100)" & user!=admin
- B . operation~login & srcip==10.1.1.100 & dstip==10.1.1.210 & user==admin
- C . operation~login & dstip==10.1.1.210 & user!~admin
- D . operation~login & performed_on=="GUI(10.1.1.210)" & user!=admin
Which statements are true regarding securing communications between FortiAnalyzer and FortiGate with IPsec? (Choose two.)
- A . IPsec is only enabled through the CLI on FortiAnalyzer.
- B . Must establish an IPsec tunnel ID and pre-shared key.
- C . Must configure the FortiAnalyzer end of the tunnel only; the FortiGate end is auto-negotiated.
- D . IPsec cannot be enabled if SSL is enabled as well.
You created a playbook on FortiAnalyzer that uses a FortiOS connector. When configuring the FortiGate side, which type of trigger must be used so that the actions in an automation stitch are available in the FortiOS connector?
- A . FortiAnalyzer Event Handler
- B . Incoming webhook
- C . FortiOS Event Log
- D . Fabric Connector event