Question #1
How does FortiAnalyzer retrieve specific log data from the database?
A. SQL FROM statement
B. SQL GET statement
C. SQL SELECT statement
D. SQL EXTRACT statement
Correct answer: C
Question #2
Which statement about the FortiSOAR management extension is correct?
A. It requires a FortiManager configured to manage FortiGate
B. It runs as a docker container on FortiAnalyzer
C. It requires a dedicated FortiSOAR device or VM
D. It does not include a limited trial by default
Correct answer: C
Question #3
What are analytics logs on FortiAnalyzer?
A. Log type Traffic logs
B. Logs that roll over when the log file reaches a specific size
C. Logs that are indexed and stored in the SQ
D. Raw logs that are compressed and saved to a log file
Correct answer: C
Question #4
You have recently grouped multiple FortiGate devices into a single ADOM. System Settings > Storage Info shows the quota used. What does the disk quota refer to?
A. The maximum disk utilization for each device in the ADOM
B. The maximum disk utilization for the FortiAnalyzer model
C. The maximum disk utilization for the ADOM type
D. The maximum disk utilization for all devices in the ADOM
Correct answer: D
Question #5
Which clause is considered mandatory in SELECT statements used by the FortiAnalyzer to generate reports?
A. FROM
B. LIMIT
C. WHERE
D. ORDER BY
Correct answer: A
Question #6
How does FortiAnalyzer retrieve specific log data from the database?
A. SQL FROM statement
B. SQL GET statement
C. SQL SELECT statement
D. SQL EXTRACT statement
Correct answer: C
Question #7
After you generate a report, you notice that the information you were expecting to see is not included in it. However, you confirm that the logs are there. Which two actions should you perform? (Choose two.)
A. Check the time frame covered by the report
B. Disable auto-cache
C. Increase the report utilization quota
D. Test the dataset
Correct answer: AD
Question #8
What happens when the IOC breach detection engine on FortiAnalyzer finds web logs that match a blocklisted IP address?
A. The endpoint is marked as Compromised and
B. FortiAnalyzer flags the associated host for further analysis
C. A new Infected entry is added for the corresponding endpoint
D. The detection engine classifies those logs as Suspicious
Correct answer: A
Question #9
After you have moved a registered logging device out of one ADOM and into a new ADOM, what is the purpose of running the following CLI command? execute sql-local rebuild-adom
A. To reset the disk quota enforcement to default
B. To remove the analytics logs of the device from the old database
C. To migrate the archive logs to the new ADOM
D. To populate the new ADOM with analytical logs for the moved device, so you can run reports
Correct answer: D
Question #10
Which statement is true when you are upgrading the firmware on an HA cluster made up of two FortiAnalyzer devices?
A. You can perform the firmware upgrade using only a console connection
B. You can enable uninterruptible-upgrade so that the normal FortiAnalyzer operations are not interrupted while the cluster firmware upgrades
C. Both FortiAnalyzer devices will be upgraded at the same time
D. First, upgrade the secondary device, and then upgrade the primary device
Correct answer: D
Question #11
What is the purpose of output variables?
A. To store playbook execution statistics
B. To use the output of the previous task as the input of the current task
C. To display details of the connectors used by a playbook
D. To save all the task settings when a playbook is exported
Correct answer: B
Question #12
You must find a specific security event log in the FortiAnalyzer logs displayed in FortiView, but, so far, you have been unsuccessful. Which two tasks should you perform to investigate why you are having this issue? (Choose two.)
A. Open
B. Rebuild the SQL database and check FortiView
C. Review the ADOM data policy
D. Check logs in the Log Browse
Correct answer: AB
Question #13
Consider the CLI command: What is the purpose of the command?
A. To add a unique tag to each log to prove that it came from this FortiAnalyzer
B. To add a log file checksum
C. To encrypt log communications
D. To add the MD5 hash value and authentication code
Correct answer: B
Question #14
Which two FortiAnalyzer features allow you to build a dataset and a chart automatically, based on a filtered search result? (Choose two.)
A. Chart Builder
B. Custom View
C. Export to Report Chart (FortiView)
D. Dataset Library
Correct answer: AC
Question #15
Exhibit. Which statement about the event displayed is correct?
A. The risk source is isolated
B. The security risk was blocked or dropped
C. The security event risk is considered open
D. An incident was created from this event
Correct answer: B
Question #16
Which log will generate an event with the status Unhandled?
A. An AV log with action=quarantine
B. An IPS log with action=pass
C. A WebFilter log with action=dropped
D. An AppControl log with action=blocked
Correct answer: B
Question #17
What is the purpose of the following CLI command?
A. To encrypt log communications
B. To add a unique tag to each log to prove that it came from this FortiAnalyzer
C. To add the MD5 hash value and authentication code
D. To add a log file checksum
Correct answer: D
Question #18
Logs are being deleted from one of your ADOMs earlier than the configured setting for archiving in your data policy. What is the most likely problem?
A. The ADOM disk quota is set too low based on log rates
B. Logs in that ADOM are being forwarded in real-time to another FortiAnalyzer device
C. CPU resources are too high
D. The total disk space is insufficient and you need to add another disk
Correct answer: A
Question #19
What is the main purpose of deploying RAID with FortiAnalyzer?
A. To back up your logs
B. To make an identical copy of log data on two separate physical drives
C. To provide redundancy of your log data
D. To store data in chunks across multiple drives
Correct answer: C
Question #20
When you move a FortiGate device from one ADOM to a new ADOM, what is the purpose of rebuilding the new ADOM database?
A. To migrate the archive logs to the new ADOM
B. To reset the disk quota enforcement to default
C. To remove the device's analytics logs from the old ADOM
D. To run reports on the device's analytics logs in the new ADOM
Correct answer: D
Question #21
Which statement describes a dataset in FortiAnalyzer?
A. They determine what data is retrieved from the database
B. They provide the layout used for reports
C. They are used to set the data included in templates
D. They define the chart types to be used in reports
Correct answer: A
Question #22
Which SQL query is in the correct order to query the database in the FortiAnalyzer?
A. SELECT devid WHERE 'user'='USER1' FROM $log GROUP BY devid
B. FROM $log WHERE 'user'='USER1' SELECT devid GROUP BY devid
C. SELECT devid FROM $log WHERE 'user'='USER1' GROUP BY devid
D. SELECT devid FROM $log GROUP BY devid WHERE 'user'='USER1'
Correct answer: C
Question #23
Refer to the exhibit.
A. In Log View, this feature allows you to build a chart and chart automatically, on the top 100 log entries
B. In Log View, this feature allows you to build a dataset and chart automatically, based on the filtered search results
C. This feature allows you to build a chart under FortiView
D. You can add charts to generated reports using this feature
Correct answer: B
Question #24
A rogue administrator was accessing FortiAnalyzer without permission, and you are tasked to see what activity was performed by that rogue administrator on FortiAnalyzer. What can you do on FortiAnalyzer to accomplish this?
A. Click Task Monitor and view the tasks performed by that administrator
B. Click Fabric View and view the tasks performed by the rogue administrator
C. Click Log View and generate a report for that administrator
D. Click FortiView and generate a report for that administrator
Correct answer: A
Question #25
Which statements are correct regarding FortiAnalyzer reports? (Choose two)
A. FortiAnalyzer provides the ability to create custom reports
B. FortiAnalyzer allows you to schedule reports to run
C. FortiAnalyzer includes pre-defined reports only
D. FortiAnalyzer allows reporting for FortiGate devices only
Correct answer: AB
Question #26
You discover that a few reports are taking a long time to generate. Which two steps can you take to troubleshoot? (Choose two.)
A. Remove old reports from the hcache
B. Enable auto-cache and run the reports again
C. Increase the ADOM reports quota
D. Review report diagnostics
Correct answer: AB
Question #27
Which statement about sending notifications with incident update is true?
A. You can send notifications to multiple external platforms
B. Notifications can be sent only by email
C. If you use multiple fabric connectors, all connectors must have the same settings
D. Notifications can be sent only when an incident is updated or deleted
Correct answer: A
Question #28
You are using RAID with a FortiAnalyzer that supports software RAID, and one of the hard disks on FortiAnalyzer has failed. What is the recommended method to replace the disk?
A. Shut down FortiAnalyzer and then replace the disk
B. Downgrade your RAID level, replace the disk, and then upgrade your RAID level
C. Clear all RAID alarms and replace the disk while FortiAnalyzer is still running
D. Perform a hot swap
Correct answer: A
Question #29
What are two benefits of using fabric connectors? (Choose two.)
A. They allow FortiAnalyzer to send logs in real-time to public cloud accounts
B. You do not need an additional license to send logs to the cloud platform
C. Fabric connectors allow you to improve redundancy
D. Using fabric connectors is more efficient than using third-party polling with AP
Correct answer: AC
Question #30
Refer to the exhibit. Which two statements are true regarding enabling auto-cache on FortiAnalyzer? (Choose two.)
A. Report size will be optimized to conserve disk space on FortiAnalyzer
B. Reports will be cached in the memory
C. This feature is automatically enabled for scheduled reports
D. Enabling auto-cache reduces report generation time for reports that require a long time to assemble datasets
Correct answer: ACD
