FCP_FAZ_AD-7.4無料問題集「Fortinet FCP - FortiAnalyzer 7.4 Administrator」

質問 1

What are offline logs on FortiAnalyzer?

（A）Logs that are indexed and stored in the SQL database

（B）Any logs collected from offline devices after they boot up

（C）Compressed logs, also known as archive logs

（D）Real-time logs that are not yet indexed

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 2

Logs are being deleted from one of your ADOMs earlier that the configured setting for archiving in your data policy. What is the most likely problem?

（A）CPU resources are too high.

（B）The ADOM disk quota is set too low based on log rates.

（C）Logs in that ADOM are being forwarded in real-time to another FortiAnalyzer device.

（D）The total disk space is insufficient and you need to add other disk.

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 3

The admin administrator is failing to register a FortiClient EMS on the FortiAnalyzer device.
What can be the reason for this failure?

（A）ADOMs are not enabled on FortiAnalyzer.

（B）ADOM mode should be set to advanced, in order to register the FortiClient EMS device.

（C）A separate license is required on FortiAnalyzer in order to register the FortiClient EMS device.

（D）FortiAnalyzer is in an HA cluster.

正解：A 解答を投票する

質問 4

You crested a playbook on FortiAnalyzer that uses a FortiOS connector
When configuring the FortiGate side, which type of trigger must be used so that the actions in an automation stitch are available in the FortiOS connector?

（A）FortiOS Event Log

（B）FortiAnalyzer Event Handler

（C）Fabric Connector event

（D）Incoming webhook

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 5

Which two actions should an administrator take to view Compromised Hosts on FortiAnalyzer? (Choose two.)

（A）Enable web filtering in firewall policies on FortiGate devices, and make sure these logs are sent to FortiAnalyzer.

（B）Make sure all endpoints are reachable by FortiAnalyzer.

（C）Enable device detection on an interface on the FortiGate devices that are connected to the FortiAnalyzer device.

（D）Subscribe FortiAnalyzer to FortiGuard to keep its local threat database up to date.

正解：A、D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 6

Refer to the exhibit.

The image displays the configuration of a FortiAnalyzer the administrator wants to join to an existing HA cluster.
What can you conclude from the configuration displayed?

（A）This FortiAnalyzer is configured to receive logs in its port1.

（B）After joining to the cluster, this FortiAnalyzer will keep an updated log database.

（C）This FortiAnalyzer will join to the existing HA cluster as the primary.

（D）This FortiAnalyzer will trigger a failover after losing communication with its peers for 10 seconds.

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 7

Why must you wait for several minutes before you run a playbook that you just created?

（A）FortiAnalyzer needs that time to ensure there are no other playbooks running.

（B）FortiAnalyzer needs that time to parse the new playbook.

（C）FortiAnalyzer needs that time to debug the new playbook.

（D）FortiAnalyzer needs that time to back up the current playbooks.

正解：D 解答を投票する

質問 8

Which two elements are contained in a system backup created on FortiAnalyzer? (Choose two.)

（A）System information

（B）Logs from registered devices

（C）Database snapshot

（D）Report information

正解：A、D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 9

Refer to the exhibit.

Laptop1 is used by several administrators to manage FortiAnalyzer. You want to configure a generic text filter that matches all login attempts to the web interface generated by any user other than "admin", and coming from Laptop1.
Which filter will achieve the desired result?

（A）operation-login & performed_on=="GUI(10.1.1.100)" & user!=admin

（B）operation-login & srcip==10.1.1.100 & dstip==10.1.1.210 & user==admin

（C）operation-login & dstip==10.1.1.210 & user!-admin

（D）operation-login & performed_on=="GUI(10.1.1.210)" & user!=admin

正解：B 解答を投票する

質問 10

Which statements are true of Administrative Domains (ADOMs) in FortiAnalyzer? (Choose two.)

（A）ADOMs are enabled by default.

（B）Once enabled, the Device Manager, FortiView, Event Management, and Reports tab display per ADOM.

（C）ADOMs constrain other administrator's access privileges to a subset of devices in the device list.

（D）All administrators can create ADOMs--not just the admin administrator.

正解：B、C 解答を投票する

FCP_FAZ_AD-7.4 無料問題集「Fortinet FCP - FortiAnalyzer 7.4 Administrator」

弊社を連絡する

関連リンク

トップ試験