Download the Latest FCP_FAZ_AN-7.4 Fortinet FCP - FortiAnalyzer 7.4 Analyst Exam Questions - Verified by Experts. Get fully prepared for the exam with this comprehensive PDF from PassQuestion. It includes the most up-to-date exam questions and accurate answers, designed to help you pass the exam with confidence.
Fortinet FCP_FAZ_AN-7.4 Exam
Fortinet FCP - FortiAnalyzer 7.4 Analyst
https://www.passquestion.com/fcp_faz_an-7-4.html

35% OFF on All, Including FCP_FAZ_AN-7.4 Questions and Answers
Pass FCP_FAZ_AN-7.4 Exam with PassQuestion FCP_FAZ_AN-7.4 questions and answers in the first attempt.
https://www.passquestion.com/
1. Which statement about sending notifications with incident updates is true?
A. Each connector used can have different notification settings.
B. You must configure an output profile to send notifications by email.
C. Each incident can send notifications to a single external platform.
D. Notifications can be sent only when an incident is created or deleted.
Answer: A

2. What can you do on FortiAnalyzer to restrict administrative access from specific locations?
A. Configure trusted hosts for that administrator.
B. Enable geo-location services on accessible interface.
C. Configure two-factor authentication with a remote RADIUS server.
D. Configure an ADOM for respective location.
Answer: A

3. You've moved a registered logging device out of one ADOM and into a new ADOM. What happens when you rebuild the new ADOM database?
A. FortiAnalyzer resets the disk quota of the new ADOM to default.
B. FortiAnalyzer migrates archive logs to the new ADOM.
C. FortiAnalyzer migrates analytics logs to the new ADOM.
D. FortiAnalyzer removes logs from the old ADOM.
Answer: C

4. Which connector type is enabled by default to be used in playbooks?
A. Fabric
B. EMS
C. Local connector
D. FortiOS
Answer: C

5. Which FortiAnalyzer featuhich statement regarding macrosoach when managing your network security?
A. FortiView Monitor
B. Threat hunting
C. Incidents dashboards
D. Outbreak alert services
Answer: B

6. Which two FortiAnalyzer features allow you to build a dataset and a chart automatically, based on a filtered search result? (Choose two.)
A. Chart Builder
B. Custom View
C. Export to Report Chart (FortiView)
D. Dataset Library
Answer: AC
7. Refer to the exhibit. What is the purpose of using the Chart Builder feature on FortiAnalyzer?
A. In Log View, this feature allows you to build a chart and chart automatically, on the top 100 log entries.
B. In Log View, this feature allows you to build a dataset and chart automatically, based on the filtered search results.
C. This feature allows you to build a chart under FortiView.
D. You can add charts to generated reports using this feature.
Answer: B

8. Refer to the exhibit. Which two statements are true regarding enabling auto-cache on FortiAnalyzer? (Choose two.)
A. Report size will be optimized to conserve disk space on FortiAnalyzer.
B. Reports will be cached in the memory.
C. This feature is automatically enabled for scheduled reports.
D. Enabling auto-cache reduces report generation time for reports that require a long time to assemble datasets.
Answer: CD
9. Which SQL query is in the correct order to query the database in the FortiAnalyzer?
A. SELECT devid WHERE 'user'='USER1' FROM $log GROUP BY devid
B. FROM $log WHERE 'user'='USER1' SELECT devid GROUP BY devid
C. SELECT devid FROM $log WHERE 'user'='USER1' GROUP BY devid
D. SELECT devid FROM $log GROUP BY devid WHERE 'user'='USER1'
Answer: C

10. Which two statements are true regarding log fetching on FortiAnalyzer? (Choose two.)
A. Log fetching can be done only on two FortiAnalyzer devices that are running the same firmware version.
B. Log fetching allows the administrator to fetch analytics logs from another FortiAnalyzer for redundancy.
C. A FortiAnalyzer device can perform either the fetch server or client role, and it can perform two roles at the same time with the same FortiAnalyzer devices at the other end.
D. Log fetching allows the administrator to run queries and reports against historical data by retrieving archived logs from one FortiAnalyzer device and sending them to another FortiAnalyzer device.
Answer: AD

11. Which statement about the FortiSIEM management extension is correct?
A. It requires a licensed FortiSIEM supervisor.
B. Its use of the available disk space is capped at 50%.
C. It can be installed as a dedicated VM.
D. Allows you to manage the entire life cycle of a threat or breach.
Answer: A

12. View the exhibit. What does the data point at 14:35 tell you?
A. FortiAnalyzer is dropping logs.
B. The sqlplugind daemon is ahead in indexing by one log.
C. FortiAnalyzer has temporarily stopped receiving logs so older logs can be indexed.
D. FortiAnalyzer is indexing logs faster than logs are being received.
Answer: B

13. What is the purpose of employing RAID with FortiAnalyzer?
A. To introduce redundancy to your log data
B. To provide data separation between ADOMs
C. To separate analytical and archive data
D. To back up your logs
Answer: A

14. What is the main purpose of deploying RAID with FortiAnalyzer?
A. To back up your logs
B. To make an identical copy of log data on two separate physical drives
C. To provide redundancy of your log data
D. To store data in chunks across multiple drives
Answer: C

15. In order for FortiAnalyzer to collect logs from a FortiGate device, what configuration is required? (Choose two.)
A. Remote logging must be enabled on FortiGate
B. FortiGate must be registered with FortiAnalyzer
C. Log encryption must be enabled
D. ADOMs must be enabled
Answer: AB

16. After you have moved a registered logging device out of one ADOM and into a new ADOM, what is the purpose of running the following CLI command?
    execute sql-local rebuild-adom <new-ADOM-name>
A. To reset the disk quota enforcement to default
B. To remove the analytics logs of the device from the old database
C. To migrate the archive logs to the new ADOM
D. To populate the new ADOM with analytical logs for the moved device, so you can run reports
Answer: D

17. For proper log correlation between the logging devices and FortiAnalyzer, FortiAnalyzer and all registered devices should:
A. Use DNS
B. Use an NTP server
C. Use real-time forwarding
D. Use host name resolution
Answer: B