Why is a single IP address shown as the source for all logs received?

Refer to the exhibit.

The capture displayed was taken on a FortiAnalyzer.

Why is a single IP address shown as the source for all logs received?
A. FortiAnalyzer is using the device MAC addresses to differentiate their logs.
B. The logs belong to devices that are part of a high availability (HA) cluster.
C. FortiAnalyzer is receiving logs from the root FortiGate of a Security Fabric.
D. The device sending logs has two VDOMs in the same ADOM.

Answer: B

Explanation:

In a Fortinet Security Fabric, logs from downstream devices can be sent to FortiAnalyzer through the root FortiGate. This is why all the logs have the same source IP address (the root FortiGate). The root FortiGate aggregates and forwards the logs from all downstream devices, so the source IP in the log capture will appear to be from the root FortiGate itself, even though the logs originate from multiple devices within the fabric.
