Summer Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: exc65

examout.co

What purposes does the auto-cache setting on reports serve? (Choose two.)

A.

To reduce report generation time

B.

To automatically update the hcache when new logs arrive

C.

To reduce the log insert lag rate

D.

To provide diagnostics on report generation time

Why should you use an NTP server on FortiAnalyzer and all registered devices that log into FortiAnalyzer?

A.

To properly correlate logs

B.

To use real-time forwarding

C.

To resolve host names

D.

To improve DNS response times

Which log will generate an event with the status Contained?

A.

An IPS log with action=pass.

B.

A WebFilter log with action=dropped.

C.

An AV log with action=quarantine.

D.

An AppControl log with action=blocked.

An administrator fortinet, is able to view logs and perform device management tasks, such as adding and removing registered devices. However, administrator fortinet is not able to create a mall server that can be used to send email.

What could be the problem?

A.

Fortinet is assigned the Standard_ User administrator profile.

B.

A trusted host is configured.

C.

ADOM mode is configured with Advanced mode.

D.

Fortinet is assigned the Restricted_ User administrator profile.

What does the disk status Degraded mean for RAID management?

A.

One or more drives are missing from the FortiAnalyzer unit. The drive is no longer available to the operating system.

B.

The FortiAnalyzer device is writing to all the hard drives on the device in order to make the array fault tolerant.

C.

The FortiAnalyzer device is writing data to a newly added hard drive in order to restore the hard drive to an optimal state.

D.

The hard driveiIs no longer being used by the RAID controller

Refer to the exhibit.

What is the purpose of configuring FortiAnalyzer with the settings displayed in the image?

A.

To increase reliability

B.

To expand bandwidth

C.

To maximize resiliency

D.

To improve security

An administrator has moved FortiGate A from the root ADOM to ADOM1. However, the administrator is not able to generate reports for FortiGate A in ADOM1.

What should the administrator do to solve this issue?

A.

Use the execute sql-local rebuild-db command to rebuild all ADOM databases.

B.

Use the execute sql-local rebuild-adom ADOM1 command to rebuild the ADOM database.

C.

Use the execute sql-report run ADOM1 command to run a report.

D.

Use the execute sql-local rebuild-adom root command to rebuild the ADOM database.

Which statement about the communication between FortiGate high availability (HA) clusters and FortiAnalyzer is true?

A.

If devices were registered to FortiAnalyzer before forming a cluster, you can manually add them together.

B.

FortiAnalyzer distinguishes each cluster member by the IP addresses in log message headers.

C.

If the HA primary device becomes unavailable, you must remove it from the HA cluster list on FortiAnalyzer.

D.

The FortiGate HA cluster must be in active-passive mode in order to avoid conflict.

An administrator has configured the following settings:

config system global

set log-checksum md5-auth

end

What is the significance of executing this command?

A.

This command records the log file MD5 hash value.

B.

This command records passwords in log files and encrypts them.

C.

This command encrypts log transfer between FortiAnalyzer and other devices.

D.

This command records the log file MD5 hash value and authentication code.

What happens when a log file saved on FortiAnalyzer disks reaches the size specified in the device log

settings?

A.

The log file is stored as a raw log and is available for analytic support.

B.

The log file rolls over and is archived.

C.

The log file is purged from the database.

D.

The log file is overwritten.