Fortinet FCP_FAZ_AD-7.4 Practice Questions

Which daemon is responsible for enforcing raw log file size?

A. logfiled

B. oftpd

C. sqlplugind

D. miglogd

What is the purpose of the following CLI command?

A. To add a log file checksum

B. To add the MD’s hash value and authentication code

C. To add a unique tag to each log to prove that it came from this FortiAnalyzer

D. To encrypt log communications

Which statement correctly describes RAID 10 (1+0) on FortiAnalyzer?

A. A configuration with four disks, each with 2 TB of capacity, provides a total space of 4 TB.

B. 11 combines mirroring striping and distributed parity to provide performance and fault tolerance

C. A configuration with four disks, each with 2 TB of capacity, provides a total space of 2 TB.

D. It uses striping to provide performance and fault tolerance.

Which two statements are true regarding log fetching on FortiAnalyzer? (Choose two.)

A. A FortiAnalyzer device can perform either the fetch server or client role, and it can perform two roles at the same time with the same FortiAnalyzer devices at the other end.

B. Log fetching can be done only on two FortiAnalyzer devices that are running the same firmware version.

C. Log fetching allows the administrator to fetch analytics logs from another FortiAnalyzer for redundancy.

D. Log fetching allows the administrator to run queries and reports against historical data by retrieving archived logs from one FortiAnalyzer device and sending them to another FortiAnalyzer device.

In FortiAnalyzer’s FormView, source and destination IP addresses from FortiGate devices are not resolving to a hostname. How can you resolve the source and destination IPs, without introducing any additional performance impact to FortiAnalyzer?

A. Configure local DNS servers on FortiAnalyzer

B. Resolve IPs on FortiGate

C. Configure # set resolve-ip enable in the system FortiView settings

D. Resolve IPs on a per-ADOM basis to reduce delay on FortiView while IPs resolve

What statements are true regarding FortiAnalyzer 's treatment of high availability (HA) dusters? (Choose two)

A. FortiAnalyzer distinguishes different devices by their serial number.

B. FortiAnalyzer receives logs from d devices in a duster.

C. FortiAnalyzer receives bgs only from the primary device in the cluster.

D. FortiAnalyzer only needs to know (he serial number of the primary device in the cluster-it automaticaly discovers the other devices.

Logs are being deleted from one of your ADOMs earlier that the configured setting for archiving in your data policy. What is the most likely problem?

A. The total disk space is insufficient and you need to add other disk.

B. CPU resources are too high.

C. The ADOM disk quota is set too low based on log rates.

D. Logs in that ADOM are being forwarded in real-time to another FortiAnalyzer device.