Question #1
Refer to the exhibit.
A. In Log View, this feature allows you to build a chart and chart automatically, on the top 100 log entries
B. In Log View, this feature allows you to build a dataset and chart automatically, based on the filtered search results
C. This feature allows you to build a chart under FortiView
D. You can add charts to generated reports using this feature
Correct answer: B
Question #2
What allows one task to use the output of a previous task as its input?
A. Trigger variables
B. Output variables
C. Exported tasks
D. Trigger variables
Correct answer: B
Question #3
Exhibit. A FortiAnalyzer analyst is customizing a SQL query to use in a report. Which SQL query should the analyst run to get the expected results?
A.
B.
C.
D.
Correct answer: A
Question #4
Which two statements about exporting and importing playbooks are true? (Choose two.)
A. You can export only one playbook at a time
B. A playbook that was disabled when it was exported will be disabled when it is imported
C. You can import a playbook even if there is another one with the same name in the destination
D. Playbooks can be imported to a different FortiAnalyzer device, but only if the connectors already exist
Correct answer: AB
Question #5
Refer to the exhibit. Which statement is correct regarding the event displayed?
A. An incident was created from this event
B. The security risk was blocked or dropped
C. The security event risk is considered open
D. The risk source is isolated
Correct answer: B
Question #6
What happens when the IOC breach detection engine on FortiAnalyzer finds web logs that match a blocklisted IP address?
A. The endpoint is marked as Compromised and
B. FortiAnalyzer flags the associated host for further analysis
C. A new Infected entry is added for the corresponding endpoint
D. The detection engine classifies those logs as Suspicious
Correct answer: A
Question #7
Which two statements about playbook execution are true? (Choose two)
A. FortiAnalyzer will not commit changes made by a Failed playbook
B. The Playbook Monitor provides troubleshooting logs
C. You can
Correct answer: AB
Question #8
You discover that a few reports are taking a long time to generate. Which two steps can you take to troubleshoot? (Choose two.)
A. Enable auto-cache and run the reports again
B. Remove old reports from the hcache
C. Increase the ADOM reports quota
D. Review report diagnostics
Correct answer: AB
Question #9
For proper log correlation between the logging devices and FortiAnalyzer, FortiAnalyzer and all registered devices should:
A. Use DNS
B. Use an NTP server
C. Use real-time forwarding
D. Use host name resolution
Correct answer: B
Question #10
What is the purpose of the following CLI command?
A. To encrypt log communications
B. To add a unique tag to each log to prove that it came from this FortiAnalyzer
C. To add the MD5 hash value and authentication code
D. To add a log file checksum
Correct answer: D
Question #11
What is the purpose of employing RAID with FortiAnalyzer?
A. To introduce redundancy to your log data
B. To provide data separation between ADOMs
C. To separate analytical and archive data
D. To back up your logs
Correct answer: A
Question #12
In order for FortiAnalyzer to collect logs from a FortiGate device, what configuration is required? (Choose two.)
A. Remote logging must be enabled on FortiGate
B. FortiGate must be registered with FortiAnalyzer
C. Log encryption must be enabled
D. ADOMs must be enabled
Correct answer: AB
Question #13
You are using RAID with a FortiAnalyzer that supports software RAID, and one of the hard disks on FortiAnalyzer has failed. What is the recommended method to replace the disk?
A. Shut down FortiAnalyzer and then replace the disk
B. Downgrade your RAID level, replace the disk, and then upgrade your RAID level
C. Clear all RAID alarms and replace the disk while FortiAnalyzer is still running
D. Perform a hot swap
Correct answer: A
Question #14
What are analytics logs on FortiAnalyzer?
A. Log type Traffic logs
B. Logs that roll over when the log file reaches a specific size
C. Logs that are indexed and stored in the SQ
D. Raw logs that are compressed and saved to a log file
Correct answer: C
Question #15
Which log will generate an event with the status Unhandled?
A. An AV log with action=quarantine
B. An IPS log with action=pass
C. A WebFilter log with action=dropped
D. An AppControl log with action=blocked
Correct answer: B
Question #16
Which statements are true regarding securing communications between FortiAnalyzer and FortiGate with SSL? (Choose two.)
A. FortiAnalyzer encryption level must be equal to, or higher than, FortiGate
B. SSL encryption levels are globally set on FortiAnalyzer
C. SSL can send logs in real-time only
D. SSL is the default setting
E. SSL communications are auto-negotiated between the two devices
Correct answer: ABD
Question #17
Which two FortiAnalyzer features allow you to build a dataset and a chart automatically, based on a filtered search result? (Choose two.)
A. Chart Builder
B. Custom View
C. Export to Report Chart (FortiView)
D. Dataset Library
Correct answer: AC
Question #18
Refer to the exhibit. Which statement is correct regarding the event displayed?
A. An incident was created from this event
B. The security risk was blocked or dropped
C. The security event risk is considered open
D. The risk source is isolated
Correct answer: B
Question #19
Logs are being deleted from one of your ADOMs earlier than the configured setting for archiving in your data policy. What is the most likely problem?
A. The ADOM disk quota is set too low based on log rates
B. Logs in that ADOM are being forwarded in real-time to another FortiAnalyzer device
C. CPU resources are too high
D. The total disk space is insufficient and you need to add another disk
Correct answer: A
Question #20
Which statement describes archive logs on FortiAnalyzer?
A. Logs that are indexed and stored in the SQL database
B. Logs a FortiAnalyzer administrator can access in FortiView
C. Logs compressed and saved in files with the
D. Logs previously collected from devices that are offline
Correct answer: C
Question #21
As part of your analysis, you discover that an incident is a false positive. You change the incident status to Closed: False Positive. Which statement about your update is true?
A. The audit history log will be updated
B. The corresponding event will be marked as mitigated
C. The incident will be deleted
D. The incident number will be changed
Correct answer: A
Question #22
For which two SAML roles can the FortiAnalyzer be configured? (Choose two.)
A. Principal
B. Identity provider
C. Identity collector
D. Service provider
Correct answer: ABD
Question #23
Consider the CLI command: What is the purpose of the command?
A. To add a unique tag to each log to prove that it came from this FortiAnalyzer
B. To add a log file checksum
C. To encrypt log communications
D. To add the MD5 hash value and authentication code
Correct answer: B
Question #24
Which two statements about log forwarding are true? (Choose two.)
A. Forwarded logs cannot be filtered to match specific criteria
B. Logs are forwarded in real-time only
C. The client retains a local copy of the logs after forwarding
D. You can use aggregation mode only with another FortiAnalyzer
Correct answer: ACD
Question #25
Which statement describes a dataset in FortiAnalyzer?
A. They determine what data is retrieved from the database
B. They provide the layout used for reports
C. They are used to set the data included in templates
D. They define the chart types to be used in reports
Correct answer: A
Question #26
You are trying to configure a task in the playbook editor to run a report. However, when you try to select the desired playbook, you do not see it listed. What is the reason?
A. The report has no results and must be reconfigured
B. You must create a trigger to run the report first
C. The playbook is currently running and will be available after it is finished
D. The report does not have auto-cache and extended log filtering enabled
Correct answer: D
Question #27
When you move a FortiGate device from one ADOM to a new ADOM, what is the purpose of rebuilding the new ADOM database?
A. To migrate the archive logs to the new ADOM
B. To reset the disk quota enforcement to default
C. To remove the device's analytics logs from the old ADOM
D. To run reports on the device's analytics logs in the new ADOM
Correct answer: D
Question #28
For which two purposes would you use the command set log checksum? (Choose two.)
A. To help protect against man-in-the-middle attacks during log upload from FortiAnalyzer to an SFTP server
B. To prevent log modification or tampering
C. To encrypt log communications
D. To send an identical set of logs to a second logging server
Correct answer: AB
Question #29
When managing incidents on FortiAnalyzer, what must an analyst be aware of?
A. The status of the incident is always linked to the status of the attached event
B. Incidents must be acknowledged before they can be analyzed
C. Severity incidents rated with the level High have an initial service-level agreement (SLA) response time of 1 hour
D. You can manually attach generated reports to incidents
Correct answer: D
Question #30
Why should you use an NTP server on FortiAnalyzer and all registered devices that log into FortiAnalyzer?
A. To properly correlate logs
B. To use real-time forwarding
C. To resolve host names
D. To improve DNS response times
Correct answer: A