FCP_FAZ_AD-7.4 Practice Test Questions

166 Questions


An administrator has configured the following settings:



What is the purpose of executing these commands?


A. To record the hash value and authentication code of log files.


B. To encrypt log transfer between FortiAnalyzer and other devices.


C. To create the secure channel used by the OFTP process.


D. To verify the integrity of the log files received.





A.
  To record the hash value and authentication code of log files.

Explanation: The command set log-checksum md5-auth configures FortiAnalyzer to generate an MD5 hash for each log file, along with an authentication code. This ensures that the integrity of the logs can be verified, confirming that the logs have not been tampered with.

Which statement is true when you are upgrading the firmware on an HA cluster made up of three FortiAnalyzer devices?


A. You can perform the firmware upgrade using only a console connection.


B. All FortiAnalyzer devices will be upgraded at the same time.


C. Enabling uninterruptible-upgrade prevents normal operations from being interrupted during the upgrade.


D. First, upgrade the secondary devices, and then upgrade the primary device.





D.
  First, upgrade the secondary devices, and then upgrade the primary device.

Which statement describes a dataset in FortiAnalyzer?


A. They determine what data is retrieved from the database.


B. They provide the layout used for reports.


C. They are used to set the data included in templates.


D. They define the chart types to be used in reports.





A.
  They determine what data is retrieved from the database.

An administrator has moved FortiGate A from the root ADOM to ADOM1.
Which two statements are true regarding logs? (Choose two.)


A. Analytics logs will be moved to ADOM1 from the root ADOM automatically.


B. Archived logs will be moved to ADOM1 from the root ADOM automatically.


C. Logs will be presented in both ADOMs immediately after the move.


D. Analytics logs will be moved to ADOM1 from the root ADOM after you rebuild the ADOM1 SQL database.





B.
  Archived logs will be moved to ADOM1 from the root ADOM automatically.

D.
  Analytics logs will be moved to ADOM1 from the root ADOM after you rebuild the ADOM1 SQL database.

Which two elements are contained in a system backup created on FortiAnalyzer? (Choose two.)


A. System information


B. Logs from registered devices


C. Report information


D. Database snapshot





A.
  System information

C.
  Report information

Refer to the exhibits.



How many events will be added to the incident created after running this playbook?


A. Ten events will be added.


B. No events will be added.


C. Five events will be added.


D. Thirteen events will be added.





D.
  Thirteen events will be added.

What is Log Insert Lag Time on FortiAnalyzer?


A. The number of times in the logs where end users experienced slowness while accessing resources.


B. The amount of lag time that occurs when the administrator is rebuilding the ADOM database.


C. The amount of time that passes between the time a log was received and when it was indexed on FortiAnalyzer.


D. The amount of time FortiAnalyzer takes to receive logs from a registered device.





C.
  The amount of time that passes between the time a log was received and when it was indexed on FortiAnalyzer.

What are offline logs on FortiAnalyzer?


A. Compressed logs, also known as archive logs


B. Logs that are indexed and stored in the SQL database


C. Any logs collected from offline devices after they boot up


D. Real-time logs that are not yet indexed





C.
  Any logs collected from offline devices after they boot up

What are analytics logs on FortiAnalyzer?


A. Log type Traffic logs.


B. Logs that roll over when the log file reaches a specific size.


C. Logs that are indexed and stored in the SQL.


D. Raw logs that are compressed and saved to a log file.





C.
  Logs that are indexed and stored in the SQL.

How do you restrict an administrator’s access to a subset of your organization’s ADOMs?


A. Set the ADOM mode to Advanced


B. Assign the ADOMs to the administrator’s account


C. Configure trusted hosts


D. Assign the default Super_User administrator profile





B.
  Assign the ADOMs to the administrator’s account

What remote authentication servers can you configure to validate your FortiAnalyzer administrator logons? (Choose three.)


A. RADIUS


B. Local


C. LDAP


D. PKI


E. TACACS+





A.
  RADIUS

C.
  LDAP

E.
  TACACS+

What is the best approach to handle a hard disk failure on a FortiAnalyzer that supports hardware RAID?


A. There is no need to do anything because the disk will self-recover.


B. Run execute format disk to format and restart the FortiAnalyzer device.


C. Perform a hot swap of the disk.


D. Shut down FortiAnalyzer and replace the disk.





C.
  Perform a hot swap of the disk.

Explanation: In a hardware RAID setup, FortiAnalyzer supports hot swapping, which allows you to replace a failed disk without shutting down the device. The RAID controller will automatically rebuild the array using the new disk, minimizing downtime and maintaining data integrity.

