Fortinet FCP_FAZ_AN-7.6 - Fortinet NSE 5 - FortiAnalyzer 7.6 Analyst Exam
Total 34 questions
Question #6 (Topic: Exam A)
Which operation can you use SQL SELECT queries for?
A. To alter tables in the database
B. To purge log entries from the database
C. To insert new data into an existing table
D. To display the database schema
Answer: D
Question #7 (Topic: Exam A)
Refer to the exhibit.

What does the data point at 21:20 indicate?

A. FortiAnalyzer is indexing logs faster than logs are being received.
B. The sqlplugind daemon is behind in receiving logs by one log.
C. The fortilogd daemon is ahead in indexing by one log.
D. The log insert lag time is high.
Answer: B
Question #8 (Topic: Exam A)
Which two parameters does FortiAnalyzer use to identify an indicator of compromise (IOC)? (Choose two.)
A. Application category
B. IP address
C. URL
D. Policy ID
Answer: BC
Question #9 (Topic: Exam A)
Which statement describes archive logs on FortiAnalyzer?
A. Logs that are parsed and normalized by FortiAnalyzer and available in the log view
B. Logs received from other FortiAnalyzer devices
C. Logs compressed and saved in files with the .gz extension
D. Logs that are indexed and stored in the SQL database
Answer: C
Question #10 (Topic: Exam A)
An analyst needs to move reports between two ADOMs.
Which two statements are true? (Choose two.)
A. All charts and datasets associated with the report will be imported together.
B. The date and time will be appended to the original report name to avoid conflicts.
C. The ADOMs must be compatible types.
D. The reports must be converted into templates first.
Answer: AC