What must you consider when using log fetching? (Choose two.)
A. The fetch client can retrieve logs from devices that are not added to its local Device Manager.
B. You can use filters to include only logs from a single device.
C. The fetching profile must include a user with...
What is a valid reason for using the Full Search option, instead?
When performing a log search on a FortiAnalyzer, it is generally recommended to use the Quick Search option. What is a valid reason for using the Full Search option, instead?
A. The search items you are looking for are not contained in indexed log fields.
B. A quick search only...
What happens when the IOC breach detection engine on FortiAnalyzer finds web logs that match a blocklisted IP address?
A. The endpoint is marked as Compromised and, optionally, can be put in quarantine.
B. FortiAnalyzer flags the associated host for further analysis.
C. A new Infected entry is added for...
Which two statements about log forwarding are true? (Choose two.)
A. Forwarded logs cannot be filtered to match specific criteria.
B. Logs are forwarded in real-time only.
C. The client retains a local copy of the logs after forwarding.
D. You can use aggregation mode only with another FortiAnalyzer.
Answer:...
Which two methods can you use to send event notifications when an event occurs that matches a configured event handler? (Choose two.)
A. SMS
B. Email
C. SNMP
D. IM
Answer: BC
Which filter will achieve the desired result?
Refer to the exhibit. Laptop1 is used by several administrators to manage FortiAnalyzer. You want to configure a generic text filter that matches all login attempts to the web interface generated by any user other than "admin" and coming from Laptop1. Which filter will achieve the desired result?
A. operation-login...