
FCP_FAZ_AN-7.4 FCP - FortiAnalyzer 7.4 Analyst Questions and Answers

Question 4

Exhibit.

FCP_FAZ_AN-7.4 Question 4

What can you conclude about these search results? (Choose two.)

Options:

A.

They can be downloaded to a file.

B.

They are sortable by columns and customizable.

C.

They are not available for analysis in FortiView.

D.

They were searched by using text mode.

Question 5

Refer to the exhibit with partial output:

FCP_FAZ_AN-7.4 Question 5

Your colleague exported a playbook and has sent it to you for review. You open the file in a text editor and observe the output shown in the exhibit.

Which statement about the export is true?

Options:

A.

The export data type is zipped.

B.

The playbook is misconfigured.

C.

The option to include the connector was not selected.

D.

Your colleague put a password on the export.

Question 6

What happens when the indicator of compromise (IOC) engine on FortiAnalyzer finds web logs that match blacklisted IP addresses?

Options:

A.

FortiAnalyzer flags the associated host for further analysis.

B.

A new infected entry is added for the corresponding endpoint under Compromised Hosts.

C.

The detection engine classifies those logs as Suspicious.

D.

The endpoint is marked as Compromised and, optionally, can be put in quarantine.

Question 7

Which statement regarding macros on FortiAnalyzer is true?

Options:

A.

Macros are predefined templates for reports and cannot be customized.

B.

Macros are useful in generating Excel log files automatically based on the report settings.

C.

Macros are ADOM-specific, and each ADOM type has unique macros relevant to that ADOM.

D.

Macros are supported only on the FortiGate ADOMs.

Question 8

You created a playbook on FortiAnalyzer that uses a FortiOS connector.

When configuring the FortiGate side, which type of trigger must be used so that the actions in an automation stitch are available in the FortiOS connector?

Options:

A.

FortiAnalyzer Event Handler

B.

Fabric Connector event

C.

FortiOS Event Log

D.

Incoming webhook

Question 9

An administrator on your team has configured multiple reports to run periodically. Management has an additional request that all new generated reports be sent to a company email inbox for accessibility. The mail server has already been configured on FortiAnalyzer.

Which item must you configure on FortiAnalyzer so that emails are sent when the reports are generated?

Options:

A.

Enable the option to email all reports under the mail server.

B.

Add a mailto: option within the report layouts.

C.

Enable email notification under the report calendar.

D.

Enable an output profile on the reports.

Question 10

What is the purpose of running the command diagnose sql status sqlreportd?

Options:

A.

To view a list of scheduled reports

B.

To list the current SQL processes running

C.

To display the SQL query connections and hcache status

D.

To identify the database log insertion status

Question 11

Which statement describes archive logs on FortiAnalyzer?

Options:

A.

Logs that are indexed and stored in the SQL database

B.

Logs a FortiAnalyzer administrator can access in FortiView

C.

Logs compressed and saved in files with the .gz extension

D.

Logs previously collected from devices that are offline

Question 12

After generating a report, you notice the information you were expecting to see is not included in it. However, you confirm that the logs are there.

Options:

A.

Check the time frame covered by the report.

B.

Disable auto-cache.

C.

Increase the report utilization quota.

D.

Test the dataset

Question 13

What is the purpose of playbook trigger variables?

Options:

A.

To display statistics about the playbook runtime

B.

To use information from the trigger to filter the action in a task

C.

To provide the trigger information to make the playbook start running

D.

To store the start times of playbooks with On_Schedule triggers

Question 14

Which two statements about local logs on FortiAnalyzer are true? (Choose two.)

Options:

A.

They are not supported in FortiView.

B.

You can view playbook logs for all ADOMs in the root ADOM.

C.

Event logs show system-wide information, whereas application logs are ADOM specific.

D.

Event logs are available only in the root ADOM.

Question 15

Which statement about SQL SELECT queries is true?

Options:

A.

They can be used to purge log entries from the database.

B.

They must be followed immediately by a WHERE clause.

C.

They can be used to display the database schema.

D.

They are not used in macros.

Question 16

Refer to the exhibit:

FCP_FAZ_AN-7.4 Question 16

What does the data point at 21:20 indicate?

Options:

A.

FortiAnalyzer is indexing logs faster than logs are being received.

B.

The fortilogd daemon is ahead in indexing by one log.

C.

The SQL database requires a rebuild because of high receive lag.

D.

FortiAnalyzer is temporarily buffering received logs so older logs can be indexed first.

Exam Code: FCP_FAZ_AN-7.4
Exam Name: FCP - FortiAnalyzer 7.4 Analyst
Last Update: Nov 19, 2024
Questions: 56