Question #1
What types of logs will FortiAnalyzer store?
A. Traffic/Event/Security, Data Leak Prevention (DLP) archive, Quarantine, and IPS (Intrusion Protection System) Packets
B. Traffic/Event, Data Leak Prevention (DLP) archive, Quarantine, and IPS (Intrusion Protection System) Packets
C. Traffic/Event/Security, Data Leak Prevention (DLP) archive, Quarantine
D. Data Leak Prevention (DLP) archive, Quarantine, and IPS (Intrusion Protection System) Packets
Correct answer: A
Question #2
What two things should an administrator do to view Compromised Hosts on FortiAnalyzer? (Choose two.)
A. Enable web filtering in firewall policies on FortiGate devices, and make sure these logs are sent to FortiAnalyzer
B. Enable device detection on an interface on the FortiGate devices that are connected to the FortiAnalyzer
C. Subscribe FortiAnalyzer to FortiGuard to keep its local threat database up-to-date
D. Make sure all endpoints are reachable by FortiAnalyzer
Correct answer: AC
Question #3
An administrator has configured the following settings:
    config system global
        set log-checksum md5-auth
    end
What is the significance of executing this command?
A. This command records the log file MD5 hash value
B. This command records passwords in log files and encrypts them
C. This command encrypts log transfer between FortiAnalyzer and other devices
D. This command records the log file MD5 hash value and authentication code
Correct answer: D
Question #4
What is included in the disk quota for each ADOM on the FortiAnalyzer?
A. SQL tables and archive files
B. Raw logs and archive files
C. Archive logs and analytics logs
D. Raw logs, archive files, SQL database tables
Correct answer: C
Question #5
Refer to the exhibit. Laptop1 is used by several administrators to manage FortiAnalyzer. You want to configure a generic text filter that matches all login attempts to the web interface generated by any user other than "admin" and coming from Laptop1. Which filter will achieve the desired result?
A. operation-login & performed_on=="GUI(10
B. operation-login & srcip==10
C. operation-login & dstip==10
D. operation-login & performed_on=="GUI(10
Correct answer: A
Question #6
Which statement about sending notifications with incident update is true?
A. You can send notifications to multiple external platforms
B. Notifications can be sent only by email
C. If you use multiple fabric connectors, all connectors must have the same settings
D. Notifications can be sent only when an incident is updated or deleted
Correct answer: A
Question #7
What allows one task to use the output of a previous task as its input?
A. Trigger variables
B. Output variables
C. Exported tasks
D. Trigger variables
Correct answer: B
Question #8
For which two SAML roles can the FortiAnalyzer be configured? (Choose two.)
A. Principal
B. Identity provider
C. Identity collector
D. Service provider
Correct answer: ABD
Question #9
For proper log correlation between the logging devices and FortiAnalyzer, FortiAnalyzer and all registered devices should:
A. Use DNS
B. Use an NTP server
C. Use real-time forwarding
D. Use host name resolution
Correct answer: B
Question #10
What FortiGate process caches logs when FortiAnalyzer is not reachable?
A. miglogd
B. oftpd
C. logfiled
D. sqlplugind
Correct answer: A
Question #11
Refer to the exhibit. Laptop1 is used by several administrators to manage FortiAnalyzer. You want to configure a generic text filter that matches all login attempts to the web interface generated by any user other than "admin" and coming from Laptop1. Which filter will achieve the desired result?
A. operation-login & performed_on=="GUI(10
B. operation-login & srcip==10
C. operation-login & dstip==10
D. operation-login & performed_on=="GUI(10
Correct answer: A
Question #12
Which statement describes archive logs on FortiAnalyzer?
A. Logs previously collected from devices that are offline
B. Logs that are indexed and stored in the SQL database
C. Logs compressed and saved in files with the
D. Logs a FortiAnalyzer administrator can access in FortiView
Correct answer: C
Question #13
What database language does FortiAnalyzer use for logging and reporting?
A. XQuery
B. XML
C. SQL
D. Java
Correct answer: C
Question #14
Which log will generate an event with the status Contained?
A. An IPS log with action=pass
B. A WebFilter log with action=dropped
C. An AV log with action=quarantine
D. An AppControl log with action=blocked
Correct answer: C
Question #15
What database language does FortiAnalyzer use for logging and reporting?
A. XQuery
B. XML
C. SQL
D. Java
Correct answer: C
Question #16
What must you consider when using log fetching? (Choose two.)
A. The fetch client can retrieve logs from devices that are not added to its local Device Manager
B. You can use filters to include only logs from a single device
C. The fetching profile must include a user with the Super_User profile
D. The archive logs retrieved from the server become archive logs in the client
Correct answer: AB
Question #17
Which log will generate an event with the status Contained?
A. An IPS log with action=pass
B. A WebFilter log with action=dropped
C. An AV log with action=quarantine
D. An AppControl log with action=blocked
Correct answer: C
Question #18
Which statement describes archive logs on FortiAnalyzer?
A. Logs that are indexed and stored in the SQL database
B. Logs a FortiAnalyzer administrator can access in FortiView
C. Logs compressed and saved in files with the
D. Logs previously collected from devices that are offline
Correct answer: C
Question #19
Which clause is considered mandatory in SELECT statements used by the FortiAnalyzer to generate reports?
A. FROM
B. LIMIT
C. WHERE
D. ORDER BY
Correct answer: A
Question #20
Which two statements about exporting and importing playbooks are true? (Choose two.)
A. A playbook that was disabled when it was exported will be disabled when it is imported
B. Playbooks can be imported to a different FortiAnalyzer device, but only if the connectors already exist
C. You can import a playbook even if there is another one with the same name in the destination
D. You can export only one playbook at a time
Correct answer: CD
Question #21
View the exhibit. What does the data point at 14:35 tell you?
A. FortiAnalyzer is dropping logs
B. The sqlplugind daemon is ahead in indexing by one log
C. FortiAnalyzer has temporarily stopped receiving logs so older logs can be indexed
D. FortiAnalyzer is indexing logs faster than logs are being received
Correct answer: B
Question #22
What two things should an administrator do to view Compromised Hosts on FortiAnalyzer? (Choose two.)
A. Enable web filtering in firewall policies on FortiGate devices, and make sure these logs are sent to FortiAnalyzer
B. Enable device detection on an interface on the FortiGate devices that are connected to the FortiAnalyzer
C. Subscribe FortiAnalyzer to FortiGuard to keep its local threat database up-to-date
D. Make sure all endpoints are reachable by FortiAnalyzer
Correct answer: AC
Question #23
Which SQL query is in the correct order to query the database in the FortiAnalyzer?
A. SELECT devid WHERE 'user'='USER1' FROM $log GROUP BY devid
B. FROM $log WHERE 'user'='USER1' SELECT devid GROUP BY devid
C. SELECT devid FROM $log WHERE 'user'='USER1' GROUP BY devid
D. SELECT devid FROM $log GROUP BY devid WHERE 'user'='USER1'
Correct answer: C
Question #24
For which two purposes would you use the command set log checksum? (Choose two.)
A. To help protect against man-in-the-middle attacks during log upload from FortiAnalyzer to an SFTP server
B. To prevent log modification or tampering
C. To encrypt log communications
D. To send an identical set of logs to a second logging server
Correct answer: AB
Question #25
Refer to the exhibit. Which two statements are true regarding enabling auto-cache on FortiAnalyzer? (Choose two.)
A. Report size will be optimized to conserve disk space on FortiAnalyzer
B. Reports will be cached in the memory
C. This feature is automatically enabled for scheduled reports
D. Enabling auto-cache reduces report generation time for reports that require a long time to assemble datasets
Correct answer: ACD
Question #26
Which statement about the FortiSIEM management extension is correct?
A. It requires a licensed FortiSIEM supervisor
B. Its use of the available disk space is capped at 50%
C. It can be installed as a dedicated V
D. Allows you to manage the entire life cycle of a threat or breach
Correct answer: A
Question #27
What can you do on FortiAnalyzer to restrict administrative access from specific locations?
A. Configure trusted hosts for that administrator
B. Enable geo-location services on accessible interface
C. Configure two-factor authentication with a remote RADIUS server
D. Configure an ADOM for respective location
Correct answer: A
Question #28
What is the purpose of running the command diagnose sql status sqlreportd?
A. To view a list of scheduled reports
B. To list the current SQL processes running
C. To display the SQL query connections and hcache status
D. To identify the database log insertion status
Correct answer: C
Question #29
What is the purpose of output variables?
A. To store playbook execution statistics
B. To use the output of the previous task as the input of the current task
C. To display details of the connectors used by a playbook
D. To save all the task settings when a playbook is exported
Correct answer: B
Question #30
Which two methods can you use to send event notifications when an event occurs that matches a configured event handler? (Choose two.)
A. SMS
B. Email
C. SNMP
D. IM
Correct answer: ABC