Page: 1
/ 2
Total 28 questions
View the exhibit:
What does the 1000MB maximum for disk utilization refer to?
- A. The disk quota for the FortiAnalyzer model
- B. The disk quota for all devices in the ADOM
- C. The disk quota for each device in the ADOM
- D. The disk quota for the ADOM type
Answer : B
You"™ve moved a registered logging device out of one ADOM and into a new ADOM. What happens when you rebuild the new ADOM database?
- A. FortiAnalyzer resets the disk quota of the new ADOM to default.
- B. FortiAnalyzer migrates archive logs to the new ADOM.
- C. FortiAnalyzer migrates analytics logs to the new ADOM.
- D. FortiAnalyzer removes logs from the old ADOM.
Answer : C
What happens when a log file saved on FortiAnalyzer disks reaches the size specified in the device log settings?
- A. The log file is stored as a raw log and is available for analytic support.
- B. The log file rolls over and is archived.
- C. The log file is purged from the database.
- D. The log file is overwritten.
Answer : B
What is the purpose of employing RAID with FortiAnalyzer?
- A. To introduce redundancy to your log data
- B. To provide data separation between ADOMs
- C. To separate analytical and archive data
- D. To back up your logs
Answer : A
Which FortiAnalyzer feature allows you to retrieve the archived logs matching a specific timeframe from another FortiAnalyzer device?
- A. Log upload
- B. Indicators of Compromise
- C. Log forwarding an aggregation mode
- D. Log fetching
Answer : D
What is the recommended method of expanding disk space on a FortiAnalyzer VM?
- A. From the VM host manager, add an additional virtual disk and use the #execute lvm extend <disk number> command to expand the storage
- B. From the VM host manager, expand the size of the existing virtual disk
- C. From the VM host manager, expand the size of the existing virtual disk and use the # execute format disk command to reformat the disk
- D. From the VM host manager, add an additional virtual disk and rebuild your RAID array
Answer : A
How are logs forwarded when FortiAnalyzer is using aggregation mode?
- A. Logs are forwarded as they are received and content files are uploaded at a scheduled time.
- B. Logs and content files are stored and uploaded at a scheduled time.
- C. Logs are forwarded as they are received.
- D. Logs and content files are forwarded as they are received.
Answer : B
How do you restrict an administrator"™s access to a subset of your organization"™s ADOMs?
- A. Set the ADOM mode to Advanced
- B. Assign the ADOMs to the administrator"™s account
- C. Configure trusted hosts
- D. Assign the default Super_User administrator profile
Answer : B
In order for FortiAnalyzer to collect logs from a FortiGate device, what configuration is required? (Choose two.)
- A. Remote logging must be enabled on FortiGate
- B. Log encryption must be enabled
- C. ADOMs must be enabled
- D. FortiGate must be registered with FortiAnalyzer
Answer : AD
What can the CLI command # diagnose test application oftpd 3 help you to determine?
- A. What devices and IP addresses are connecting to FortiAnalyzer
- B. What logs, if any, are reaching FortiAnalyzer
- C. What ADOMs are enabled and configured
- D. What devices are registered and unregistered
Answer : A
What FortiView tool can you use to automatically build a dataset and chart based on a filtered search result?
- A. Chart Builder
- B. Export to Report Chart
- C. Dataset Library
- D. Custom View
Answer : A
In FortiAnalyzer"™s FormView, source and destination IP addresses from FortiGate devices are not resolving to a hostname. How can you resolve the source and destination IPs, without introducing any additional performance impact to FortiAnalyzer?
- A. Configure local DNS servers on FortiAnalyzer
- B. Resolve IPs on FortiGate
- C. Configure # set resolve-ip enable in the system FortiView settings
- D. Resolve IPs on a per-ADOM basis to reduce delay on FortiView while IPs resolve
Answer : B
What must you configure on FortiAnalyzer to upload a FortiAnalyzer report to a supported external server? (Choose two.)
- A. SFTP, FTP, or SCP server
- B. Mail server
- C. Output profile
- D. Report scheduling
Answer : AC
View the exhibit.
Why is the total quota less than the total system storage?
- A. 3.6% of the system storage is already being used.
- B. Some space is reserved for system use, such as storage of compression files, upload files, and temporary report files
- C. The oftpd process has not archived the logs yet
- D. The logfiled process is just estimating the total quota
Answer : B
30 days access 