If the primary FortiAnalyzer in an HA cluster fails, how is the new primary elected?
If the primary FortiAnalyzer in an HA cluster fails, how is the new primary elected?
A. The configured IP address is checked first.
B. The active port number is checked first.
C. The firmware version is checked first.
D. The configured priority is checked first.
Answer: C
Which image corresponds to the packet capture shown in the exhibit?
Refer to the exhibit. Which image corresponds to the packet capture shown in the exhibit?
A. Option A
B. Option B
C. Option C
D. Option D
Answer: D
After you have moved a registered logging device out of one ADOM and into a new ADOM, what is the purpose of running the following CLI command?
After you have moved a registered logging device out of one ADOM and into a new ADOM, what is the purpose of running the following CLI command?
execute sql-local rebuild-adom <new-ADOM-name>
A. To reset the disk quota enforcement to default
B. To remove the analytics logs of the device from the...
What can the CLI command # diagnose test application oftpd 3 help you to determine?
What can the CLI command # diagnose test application oftpd 3 help you to determine?
A. What devices and IP addresses are connecting to FortiAnalyzer
B. What logs, if any, are reaching FortiAnalyzer
C. What ADOMs are enabled and configured
D. What devices are registered and unregistered
Answer: A
Explanation: https://docs.fortinet.com/document/fortianalyzer/6.2.5/cli-reference/395556/test#test_application
What is the purpose of a dataset query in FortiAnalyzer?
What is the purpose of a dataset query in FortiAnalyzer?
A. It sorts log data into tables
B. It extracts the database schema
C. It retrieves log data from the database
D. It injects log data into the database
Answer: C
Explanation: Reference: https://docs2.fortinet.com/document/fortianalyzer/6.0.4/administration-guide/148744/creating-datasets
Which two statements are true regarding FortiAnalyzer operating modes? (Choose two.)
Which two statements are true regarding FortiAnalyzer operating modes? (Choose two.)
A. When in collector mode, FortiAnalyzer collects logs from multiple devices and forwards these logs in the original binary format.
B. Collector mode is the default operating mode.
C. When in collector mode, FortiAnalyzer supports event management and reporting...
Why should you use an NTP server on FortiAnalyzer and all registered devices that log into FortiAnalyzer?
Why should you use an NTP server on FortiAnalyzer and all registered devices that log into FortiAnalyzer?
A. To properly correlate logs
B. To use real-time forwarding
C. To resolve host names
D. To improve DNS response times
Answer: A
Which two statements are true regarding enabling auto-cache on FortiAnalyzer?
Refer to the exhibit. Which two statements are true regarding enabling auto-cache on FortiAnalyzer? (Choose two.)
A. Report size will be optimized to conserve disk space on FortiAnalyzer.
B. Reports will be cached in the memory.
C. This feature is automatically enabled for scheduled reports.
D. Enabling auto-cache reduces report...
How many events will be added to the incident created after running this playbook?
Refer to the exhibits. How many events will be added to the incident created after running this playbook?
A. Ten events will be added.
B. No events will be added.
C. Five events will be added.
D. Thirteen events will be added.
Answer: C
How can you configure FortiAnalyzer to permit administrator logins from only specific locations?
How can you configure FortiAnalyzer to permit administrator logins from only specific locations?
A. Use static routes
B. Use administrative profiles
C. Use trusted hosts
D. Use secure protocols
Answer: C
Explanation: https://docs.fortinet.com/document/fortianalyzer/6.2.5/administration-guide/186508/trusted-hosts