
Question #1
Which log type does the FortiAnalyzer indicators of compromise feature use to identify infected hosts?
A. Antivirus logs
B. Web filter logs
C. IPS logs
D. Application control logs
Correct answer: B
Question #2
You've moved a registered logging device out of one ADOM and into a new ADOM. What happens when you rebuild the new ADOM database?
A. FortiAnalyzer resets the disk quota of the new ADOM to default
B. FortiAnalyzer migrates archive logs to the new ADOM
C. FortiAnalyzer migrates analytics logs to the new ADOM
D. FortiAnalyzer removes logs from the old ADOM
Correct answer: C
Question #3
How do you restrict an administrator’s access to a subset of your organization’s ADOMs?
A. Set the ADOM mode to Advanced
B. Assign the ADOMs to the administrator’s account
C. Configure trusted hosts
D. Assign the default Super_User administrator profile
Correct answer: B
Question #4
FortiAnalyzer reports are dropping analytical data from 15 days ago, even though the data policy setting for analytics logs is 60 days. What is the most likely problem?
A. Quota enforcement is acting on analytical data before a report is complete
B. Logs are rolling before the report is run
C. CPU resources are too high
D. Disk utilization for archive logs is set for 15 days
Correct answer: B
Question #5
Which two statements are true regarding ADOM modes? (Choose two.)
A. Use the execute sql-local rebuild-db command to rebuild all ADOM databases
B. Use the execute sql-local rebuild-adom ADOM1 command to rebuild the ADOM database
C. Use the execute sql-report run ADOM1 command to run a report
D. Use the execute sql-local rebuild-adom root command to rebuild the ADOM database
Correct answer: CD
Question #6
What is the recommended method of expanding disk space on a FortiAnalyzer VM?
A. From the VM host manager, add an additional virtual disk and use the # execute lvm extend command to expand the storage
B. From the VM host manager, expand the size of the existing virtual disk
C. From the VM host manager, expand the size of the existing virtual disk and use the # execute format disk command to reformat the disk
D. From the VM host manager, add an additional virtual disk and rebuild your RAID array
Correct answer: A
Question #7
What is the purpose of trigger variables?
A. To display statistics about the playbook runtime
B. To use information from the trigger to filter the action in a task
C. To provide the trigger information to make the playbook start running
D. To store the start times of playbooks with On_Schedule triggers
Correct answer: B
Question #8
A playbook contains five tasks in total. An administrator executed the playbook and four out of five tasks finished successfully, but one task failed. What will be the status of the playbook after its execution?
A. Failed
B. Success
C. Upstream_failed
D. Running
Correct answer: B
Question #9
Which two methods are the most common methods to control and restrict administrative access on FortiAnalyzer? (Choose two.)
A. logfiled
B. oftpd
C. sqlplugind
D. miglogd
Correct answer: BC
Question #10
Which two statements are true regarding the outbreak detection service? (Choose two.)
A. New alerts are received by email
B. Outbreak alerts are available on the root ADOM only
C. An additional license is required
D. It automatically downloads new event handlers and reports
Correct answer: CD
Question #11
For proper log correlation between the logging devices and FortiAnalyzer, FortiAnalyzer and all registered devices should:
A. Use DNS
B. Use host name resolution
C. Use real-time forwarding
D. Use an NTP server
Correct answer: D
Question #12
Which two statements are true regarding FortiAnalyzer log forwarding? (Choose two.)
A. Macros are ADOM specific and each ADOM will have unique macros relevant to that ADOM
B. Macros are supported only on the FortiGate ADOM
C. Macros are useful in generating excel log files automatically based on the reports settings
D. Macros are predefined templates for reports and cannot be customized
Correct answer: AC
Question #13
What is the purpose of the following CLI command?
A. To add a log file checksum
B. To add the MD's hash value and authentication code
C. To add a unique tag to each log to prove that it came from this FortiAnalyzer
D. To encrypt log communications
Correct answer: A
Question #14
For proper log correlation between the logging devices and FortiAnalyzer, FortiAnalyzer and all registered devices should:
A. Use DNS
B. Use host name resolution
C. Use real-time forwarding
D. Use an NTP server
Correct answer: D
Question #15
Which statements are correct regarding FortiAnalyzer reports? (Choose two)
A. FortiView
B. Event Management
C. Device Manager
D. Reporting
Correct answer: AB
Question #16
What is the purpose of employing RAID with FortiAnalyzer?
A. To introduce redundancy to your log data
B. To provide data separation between ADOMs
C. To separate analytical and archive data
D. To back up your logs
Correct answer: A
Question #17
After you have moved a registered logging device out of one ADOM and into a new ADOM, what is the purpose of running the following CLI command? execute sql-local rebuild-adom
A. To reset the disk quota enforcement to default
B. To migrate the archive logs to the new ADOM
C. To remove the analytics logs of the device from the old database
D. To populate the new ADOM with analytical logs for the moved device, so you can run reports
Correct answer: D
Question #18
What is the recommended method of expanding disk space on a FortiAnalyzer VM?
A. From the VM host manager, add an additional virtual disk and use the # execute lvm extend command to expand the storage
B. From the VM host manager, expand the size of the existing virtual disk
C. From the VM host manager, expand the size of the existing virtual disk and use the # execute format disk command to reformat the disk
D. From the VM host manager, add an additional virtual disk and rebuild your RAID array
Correct answer: A
Question #19
In FortiAnalyzer’s FormView, source and destination IP addresses from FortiGate devices are not resolving to a hostname. How can you resolve the source and destination IPs, without introducing any additional performance impact to FortiAnalyzer?
A. Configure local DNS servers on FortiAnalyzer
B. Resolve IPs on FortiGate
C. Configure # set resolve-ip enable in the system FortiView settings
D. Resolve IPs on a per-ADOM basis to reduce delay on FortiView while IPs resolve
Correct answer: B
Question #20
If you upgrade the FortiAnalyzer firmware, which report element can be affected?
A. Custom datasets
B. Report scheduling
C. Report settings
D. Output profiles
Correct answer: A
Question #21
Logs are being deleted from one of your ADOMs earlier than the configured setting for archiving in your data policy. What is the most likely problem?
A. The total disk space is insufficient and you need to add other disk
B. CPU resources are too high
C. The ADOM disk quota is set too low based on log rates
D. Logs in that ADOM are being forwarded in real-time to another FortiAnalyzer device
Correct answer: C
Question #22
How can you configure FortiAnalyzer to permit administrator logins from only specific locations?
A. Use static routes
B. Use administrative profiles
C. Use trusted hosts
D. Use secure protocols
Correct answer: C
Question #23
What is the purpose of output variables?
A. To display details of the connectors used by a playbook
B. To store playbook execution statistics
C. To save all the task settings when a playbook is exported
D. To use the output of the previous task as the input of the current task
Correct answer: D
Question #24
View the exhibit. Why is the total quota less than the total system storage?
A.
B. Some space is reserved for system use, such as storage of compression files, upload files, and temporary report files
C. The oftpd process has not archived the logs yet
D. The logfiled process is just estimating the total quota
Correct answer: B
Question #25
Refer to the exhibits. How many events will be added to the incident created after running this playbook?
A. Thirteen events will be added
B. Five events will be added
C. No events will be added
D. Ten events will be added
Correct answer: D
Question #26
For which two purposes would you use the command set log checksum? (Choose two.)
A. To prevent log modification or tampering
B. To send an identical set of logs to a second logging server
C. To encrypt log communications
D. To help protect against man-in-the-middle attacks during log upload from FortiAnalyzer to an SFTP server
Correct answer: AD
Question #27
If the primary FortiAnalyzer in an HA cluster fails, how is the new primary elected?
A. The firmware version is checked first
B. The active port number is checked first
C. The configured IP address is checked first
D. The configured priority is checked first
Correct answer: D
Question #28
You are using RAID with a FortiAnalyzer that supports software RAID, and one of the hard disks on FortiAnalyzer has failed. What is the recommended method to replace the disk?
A. FortiAnalyzer is ensuring that the parity data of a redundant drive is valid
B. FortiAnalyzer is writing data to a newly added hard drive to restore it to an optimal state
C. FortiAnalyzer is writing to all of its hard drives to make the array fault tolerant
D. FortiAnalyzer is functioning normally
Correct answer: A
Question #29
After you have moved a registered logging device out of one ADOM and into a new ADOM, what is the purpose of running the following CLI command? execute sql-local rebuild-adom
A. To reset the disk quota enforcement to default
B. To remove the analytics logs of the device from the old database
C. To migrate the archive logs to the new ADOM
D. To populate the new ADOM with analytical logs for the moved device, so you can run reports
Correct answer: D
Question #30
You’ve moved a registered logging device out of one ADOM and into a new ADOM. What happens when you rebuild the new ADOM database?
A. FortiAnalyzer resets the disk quota of the new ADOM to default
B. FortiAnalyzer migrates archive logs to the new ADOM
C. FortiAnalyzer migrates analytics logs to the new ADOM
D. FortiAnalyzer removes logs from the old ADOM
Correct answer: C
Question #31
In the FortiAnalyzer FortiView, source and destination IP addresses from FortiGate devices are not resolving to a hostname. How can you resolve the source and destination IP addresses, without introducing any additional performance impact to FortiAnalyzer?
A. Resolve IP addresses on a per-ADOM basis to reduce delay on FortiView while IPs resolve
B. Configure # set resolve-ip enable in the system FortiView settings
C. Configure local DNS servers on FortiAnalyzer
D. Resolve IP addresses on FortiGate
Correct answer: D
Question #32
How are logs forwarded when FortiAnalyzer is using aggregation mode?
A. Logs are forwarded as they are received and content files are uploaded at a scheduled time
B. Logs and content files are stored and uploaded at a scheduled time
C. Logs are forwarded as they are received
D. Logs and content files are forwarded as they are received
Correct answer: B
Question #33
What FortiGate process caches logs when FortiAnalyzer is not reachable?
A. logfiled
B. sqlplugind
C. oftpd
D. miglogd
Correct answer: D
Question #34
What happens when a log file saved on FortiAnalyzer disks reaches the size specified in the device log settings?
A. The log file is stored as a raw log and is available for analytic support
B. The log file rolls over and is archived
C. The log file is purged from the database
D. The log file is overwritten
Correct answer: B
Question #35
What are offline logs on FortiAnalyzer?
A. Use this command only if the source IP addresses are not resolved on FortiGate
B. It resolves the source and destination IP addresses to a hostname in FortiView on FortiAnalyzer
C. You must configure local DNS servers on FortiGate for this command to resolve IP addresses on FortiAnalyzer
D. It resolves the destination IP address to a hostname in FortiView on FortiAnalyzer
Correct answer: A
Question #36
You created a playbook on FortiAnalyzer that uses a FortiOS connector. When configuring the FortiGate side, which type of trigger must be used so that the actions in an automation stitch are available in the FortiOS connector?
A. FortiAnalyzer Event Handler
B. Incoming webhook
C. Fabric Connector event
D. FortiOS Event Log
Correct answer: B
Question #37
On FortiAnalyzer, what is a wildcard administrator account?
A. An account that permits access to members of an LDAP group
B. An account that allows guest access with read-only privileges
C. An account that requires two-factor authentication
D. An account that validates against any user account on a FortiAuthenticator
Correct answer: A
Question #38
What are two advantages of setting up fabric ADOM? (Choose two.)
A. It can be edited and modified as required
B. It specifies the report layout which contains predefined texts, charts, and macros
C. It specifies report settings which contains time period, device selection, and schedule
D. It contains predefined data to generate mock reports
Correct answer: AC
Question #39
After you have moved a registered logging device out of one ADOM and into a new ADOM, what is the purpose of running the following CLI command? execute sql-local rebuild-adom
A. To reset the disk quota enforcement to default
B. To remove the analytics logs of the device from the old database
C. To migrate the archive logs to the new ADOM
D. To populate the new ADOM with analytical logs for the moved device, so you can run reports
Correct answer: D
Question #40
Refer to the exhibit. What does the data point at 12:20 indicate?
A. The performance of FortiAnalyzer is below the baseline
B. FortiAnalyzer is using its cache to avoid dropping logs
C. The log insert lag time is increasing
D. The sqlplugind service is caught up with new logs
Correct answer: C
Question #41
Refer to the exhibit. Which two statements are true regarding enabling auto-cache on FortiAnalyzer? (Choose two.)
A. Enabling auto-cache reduces report generation time for reports that require a long time to assemble datasets
B. This feature is automatically enabled for scheduled reports
C. Reports will be cached in the memory
D. Report size will be optimized to conserve disk space on FortiAnalyzer
Correct answer: AD
Question #42
Which tabs do not appear when FortiAnalyzer is operating in Collector mode?
A. FortiAnalyzer overwrites the log files
B. FortiAnalyzer stops logging
C. FortiAnalyzer rolls the active log by renaming the file
D. FortiAnalyzer forwards logs to syslog
Correct answer: B
Question #43
Which statement is true regarding Macros on FortiAnalyzer?
A. Macros are predefined templates for reports and cannot be customized
B. Macros are useful in generating excel log files automatically based on the report settings
C. Macros are supported only on the FortiGate ADOM
D. Macros are ADOM specific and each ADOM has unique macros relevant to that ADOM
Correct answer: D
Question #44
What is the purpose of the following CLI command?
A. To add a log file checksum
B. To add the MD’s hash value and authentication code
C. To add a unique tag to each log to prove that it came from this FortiAnalyzer
D. To encrypt log communications
Correct answer: A
Question #45
Which statements are true regarding securing communications between FortiAnalyzer and FortiGate with IPsec? (Choose two.)
A. To add a unique tag to each log to prove that it came from this FortiAnalyzer
B. To add the MD5 hash value and authentication code
C. To add a log file checksum
D. To encrypt log communications
Correct answer: BD
Question #46
How do you restrict an administrator's access to a subset of your organization's ADOMs?
A. Set the ADOM mode to Advanced
B. Assign the ADOMs to the administrator's account
C. Configure trusted hosts
D. Assign the default Super_User administrator profile
Correct answer: B
Question #47
How are logs forwarded when FortiAnalyzer is using aggregation mode?
A. Logs are forwarded as they are received and content files are uploaded at a scheduled time
B. Logs and content files are stored and uploaded at a scheduled time
C. Logs are forwarded as they are received
D. Logs and content files are forwarded as they are received
Correct answer: B
Question #48
Refer to the exhibit. What does the data point at 14:55 tell you?
A. Shut down FortiAnalyzer and then replace the disk
B. Downgrade your RAID level, replace the disk, and then upgrade your RAID level
C. Clear all RAID alarms and replace the disk while FortiAnalyzer is still running
D. Perform a hot swap
Correct answer: D
Question #49
On FortiAnalyzer, what is a wildcard administrator account?
A. An account that permits access to members of an LDAP group
B. An account that allows guest access with read-only privileges
C. An account that requires two-factor authentication
D. An account that validates against any user account on a FortiAuthenticator
Correct answer: A
Question #50
How can you configure FortiAnalyzer to permit administrator logins from only specific locations?
A. Use static routes
B. Use administrative profiles
C. Use trusted hosts
D. Use secure protocols
Correct answer: C
Question #51
Which two settings must you configure on FortiAnalyzer to allow non-local administrators to authenticate to FortiAnalyzer with any user account in a single LDAP group? (Choose two.)
A. FROM
B. LIMIT
C. WHERE
D. ORDER BY
Correct answer: AB
Question #52
Which daemon is responsible for enforcing raw log file size?
A. This command records the log file MD5 hash value
B. This command records passwords in log files and encrypts them
C. This command encrypts log transfer between FortiAnalyzer and other devices
D. This command records the log file MD5 hash value and authentication code
Correct answer: A
Question #53
What FortiView tool can you use to automatically build a dataset and chart based on a filtered search result?
A. Chart Builder
B. Export to Report Chart
C. Dataset Library
D. Custom View
Correct answer: A
Question #54
What is the purpose of employing RAID with FortiAnalyzer?
A. To introduce redundancy to your log data
B. To provide data separation between ADOMs
C. To separate analytical and archive data
D. To back up your logs
Correct answer: A
Question #55
You need to upgrade your FortiAnalyzer firmware. What happens to the logs being sent to FortiAnalyzer from FortiGate during the time FortiAnalyzer is temporarily unavailable?
A. FortiAnalyzer uses log fetching to retrieve the logs when back online
B. FortiGate uses the miglogd process to cache the logs
C. The logfiled process stores logs in offline mode
D. Logs are dropped
Correct answer: B
Question #56
In the FortiAnalyzer FortiView, source and destination IP addresses from FortiGate devices are not resolving to a hostname. How can you resolve the source and destination IP addresses, without introducing any additional performance impact to FortiAnalyzer?
A. Resolve IP addresses on a per-ADOM basis to reduce delay on FortiView while IPs resolve
B. Configure # set resolve-ip enable in the system FortiView settings
C. Configure local DNS servers on FortiAnalyzer
D. Resolve IP addresses on FortiGate
Correct answer: D
Question #57
Which statement about sending notifications with incident updates is true?
A. Notifications can be sent only when an incident is created or deleted
B. You must configure an output profile to send notifications by email
C. Each incident can send notifications to a single external platform
D. Each connector used can have different notification settings
Correct answer: D
Question #58
What are two benefits of using fabric connectors? (Choose two.)
A. They allow FortiAnalyzer to send logs in real-time to public cloud accounts
B. You do not need an additional license to send logs to the cloud platform
C. Fabric connectors allow you to improve redundancy
D. Using fabric connectors is more efficient than using third-party polling with API
Correct answer: AC
Question #59
If you upgrade your FortiAnalyzer firmware, what report elements can be affected?
A. SQL FROM statement
B. SQL GET statement
C. SQL SELECT statement
D. SQL EXTRACT statement
Correct answer: D
Question #60
Which two methods are the most common methods to control and restrict administrative access on FortiAnalyzer? (Choose two.)
A. logfiled
B. oftpd
C. sqlplugind
D. miglogd
Correct answer: BC
Question #61
What purposes does the auto-cache setting on reports serve? (Choose two.)
A. Output profiles
B. Report settings
C. Report scheduling
D. Custom datasets
Correct answer: AB
Question #62
Which item must you configure on FortiAnalyzer to email generated reports automatically?
A. Output profile
B. Report scheduling
C. SFTP server
D. SNMP server
Correct answer: A
Question #63
Which two purposes does the auto cache setting on reports serve? (Choose two.)
A. Compressed logs, which are also known as archive logs, are considered to be offline logs
B. When you restart FortiAnalyzer
C. Logs that are indexed and stored in the SQL database
D. Logs that are collected from offline devices after they boot up
Correct answer: AD
