What does the disk status Degraded mean for RAID management?

A. One or more drives are missing from the FortiAnalyzer unit. The drive is no longer available to the operating system.
B. The FortiAnalyzer device is writing to all the hard drives on the device in order to make the...

November 6, 2022

What is the recommended method of expanding disk space on a FortiAnalyzer VM?

A. From the VM host manager, add an additional virtual disk and use the #execute lvm extend <disk number> command to expand the storage
B. From the VM host manager, expand the size of the existing virtual...

November 6, 2022

What is the purpose of a dataset query in FortiAnalyzer?

A. It sorts log data into tables
B. It extracts the database schema
C. It retrieves log data from the database
D. It injects log data into the database

Answer: C
Explanation: Reference: https://docs2.fortinet.com/document/fortianalyzer/6.0.4/administration-guide/148744/creating-datasets

November 5, 2022

Which log type does the FortiAnalyzer indicators of compromise feature use to identify infected hosts?

A. Antivirus logs
B. Web filter logs
C. IPS logs
D. Application control logs

Answer: B
Explanation: Reference: https://help.fortinet.com/fa/faz50hlp/60/6-0-2/Content/FortiAnalyzer_Admin_Guide/3600_FortiView/0200_Using_FortiView/1200_Compromised_hosts_page.htm?TocPath=FortiView%7CUsing%20FortiView%7C_____6

November 5, 2022

Which two statements are true regarding high availability (HA) on FortiAnalyzer? (Choose two.)

A. FortiAnalyzer HA can function without VRRP, and VRRP is required only if you have more than two FortiAnalyzer devices in a cluster.
B. FortiAnalyzer HA supports synchronization of logs as well as some system and configuration...

November 4, 2022

What can you do on FortiAnalyzer to restrict administrative access from specific locations?

A. Configure trusted hosts for that administrator.
B. Enable geo-location services on accessible interface.
C. Configure two-factor authentication with a remote RADIUS server.
D. Configure an ADOM for respective location.

Answer: A
Explanation: Reference: https://docs.fortinet.com/document/fortigate/6.2.0/hardening-your-fortigate/582009/system-administrator-best-practices

November 4, 2022

What is the significance of executing this command?

An administrator has configured the following settings:

config system fortiview settings
    set resolve-ip enable
end

What is the significance of executing this command?

A. Use this command only if the source IP addresses are not resolved on FortiGate.
B. It resolves the source and destination IP addresses to a hostname...

November 4, 2022

If you upgrade your FortiAnalyzer firmware, what report elements can be affected?

A. Output profiles
B. Report settings
C. Report scheduling
D. Custom datasets

Answer: D

November 3, 2022

Why should you use an NTP server on FortiAnalyzer and all registered devices that log into FortiAnalyzer?

A. To properly correlate logs
B. To use real-time forwarding
C. To resolve host names
D. To improve DNS response times

Answer: A

November 3, 2022

What is the most likely problem?

Logs are being deleted from one of the ADOMs earlier than the configured setting for archiving in the data policy. What is the most likely problem?

A. CPU resources are too high
B. Logs in that ADOM are being forwarded, in real-time, to another FortiAnalyzer device
C. The total disk...

November 3, 2022