
Question #1
Logs are being deleted from one of your ADOMs earlier than the configured setting for archiving in your data policy. What is the most likely problem?
A. The total disk space is insufficient and you need to add other disk
B. CPU resources are too high
C. The ADOM disk quota is set too low based on log rates
D. Logs in that ADOM are being forwarded in real-time to another FortiAnalyzer device
Correct answer: C
Question #2
What must you consider when using log fetching? (Choose two.)
A. The fetch client can retrieve logs from devices that are not added to its local Device Manager
B. You can use filters to include only logs from a single device
C. The fetching profile must include a user with the Super_User profile
D. The archive logs retrieved from the server become archive logs in the client
Correct answer: AB
Question #3
What happens when a log file saved on FortiAnalyzer disks reaches the size specified in the device log settings?
A. The log file is stored as a raw log and is available for analytic support
B. The log file rolls over and is archived
C. The log file is purged from the database
D. The log file is overwritten
Correct answer: B
Question #4
What purposes does the auto-cache setting on reports serve? (Choose two.)
A. Output profiles
B. Report settings
C. Report scheduling
D. Custom datasets
Correct answer: AB
Question #5
What FortiGate process caches logs when FortiAnalyzer is not reachable?
A. logfiled
B. sqlplugind
C. oftpd
D. miglogd
Correct answer: D
Question #6
Which statement about the FortiSOAR management extension is correct?
A. It requires a FortiManager configured to manage FortiGate
B. It requires a dedicated FortiSOAR device or VM
C. It does not include a limited trial by default
D. It runs as a docker container on FortiAnalyzer
Correct answer: D
Question #7
Refer to the exhibit. What is the purpose of using the Chart Builder feature on FortiAnalyzer?
A. To add a new chart under FortiView to be used in new reports
B. To build a dataset and chart automatically, based on the filtered search results
C. To add charts directly to generate reports in the current ADOM
D. To build a chart automatically based on the top 100 log entries
Correct answer: B
Question #8
FortiAnalyzer uses the Optimized Fabric Transfer Protocol (OFTP) over SSL for what purpose?
A. To upload logs to an SFTP server
B. To prevent log modification during backup
C. To send an identical set of logs to a second logging server
D. To encrypt log communication between devices
Correct answer: D
Question #9
Why should you use an NTP server on FortiAnalyzer and all registered devices that log into FortiAnalyzer?
A. To properly correlate logs
B. To use real-time forwarding
C. To resolve host names
D. To improve DNS response times
Correct answer: A
Question #10
What FortiView tool can you use to automatically build a dataset and chart based on a filtered search result?
A. Chart Builder
B. Export to Report Chart
C. Dataset Library
D. Custom View
Correct answer: B
Question #11
You are using RAID with a FortiAnalyzer that supports software RAID, and one of the hard disks on FortiAnalyzer has failed. What is the recommended method to replace the disk?
A. FortiAnalyzer is ensuring that the parity data of a redundant drive is valid
B. FortiAnalyzer is writing data to a newly added hard drive to restore it to an optimal state
C. FortiAnalyzer is writing to all of its hard drives to make the array fault tolerant
D. FortiAnalyzer is functioning normally
Correct answer: A
Question #12
Which two settings must you configure on FortiAnalyzer to allow non-local administrators to authenticate to FortiAnalyzer with any user account in a single LDAP group? (Choose two.)
A. FROM
B. LIMIT
C. WHERE
D. ORDER BY
Correct answer: AB
Question #13
Refer to the exhibit. The image displays the configuration of a FortiAnalyzer the administrator wants to join to an existing HA cluster. What can you conclude from the configuration displayed?
A. This FortiAnalyzer will join to the existing HA cluster as the primary
B. This FortiAnalyzer is configured to receive logs in its port1
C. This FortiAnalyzer will trigger a failover after losing communication with its peers for 10 seconds
D. After joining to the cluster, this FortiAnalyzer will keep an updated log database
Correct answer: D
Question #14
In FortiAnalyzer's FortiView, source and destination IP addresses from FortiGate devices are not resolving to a hostname. How can you resolve the source and destination IPs, without introducing any additional performance impact to FortiAnalyzer?
A. Configure local DNS servers on FortiAnalyzer
B. Resolve IPs on FortiGate
C. Configure # set resolve-ip enable in the system FortiView settings
D. Resolve IPs on a per-ADOM basis to reduce delay on FortiView while IPs resolve
Correct answer: B
Question #15
Which two constraints can impact the amount of reserved disk space required by FortiAnalyzer? (Choose two.)
A. The disk quota for the FortiAnalyzer model
B. The disk quota for all devices in the ADOM
C. The disk quota for each device in the ADOM
D. The disk quota for the ADOM type
Correct answer: BD
Question #16
A playbook contains five tasks in total. An administrator runs the playbook and four out of five tasks finish successfully, but one task fails. What will be the status of the playbook after it is run?
A. Running
B. Failed
C. Upstream_failed
D. Success
Correct answer: B
Question #17
Logs are being deleted from one of the ADOMs earlier than the configured setting for archiving in the data policy. What is the most likely problem?
A. CPU resources are too high
B. Logs in that ADOM are being forwarded, in real-time, to another FortiAnalyzer device
C. The total disk space is insufficient and you need to add other disk
D. The ADOM disk quota is set too low, based on log rates
Correct answer: D
Question #18
What is the purpose of a dataset query in FortiAnalyzer?
A. It sorts log data into tables
B. It extracts the database schema
C. It retrieves log data from the database
D. It injects log data into the database
Correct answer: C
Question #19
What are two effects of enabling auto-cache in a FortiAnalyzer report? (Choose two.)
A. The size of newly generated reports is optimized to conserve disk space
B. FortiAnalyzer local cache is used to store generated reports
C. When new logs are received, the hard-cache data is updated automatically
D. The generation time for reports is decreased
Correct answer: CD
Question #20
You have recently grouped multiple FortiGate devices into a single ADOM. System Settings > Storage Info shows the quota used. What does the disk quota refer to?
A. The maximum disk utilization for each device in the ADOM
B. The maximum disk utilization for the FortiAnalyzer model
C. The maximum disk utilization for the ADOM type
D. The maximum disk utilization for all devices in the ADOM
Correct answer: D
Question #21
Which daemon is responsible for enforcing raw log file size?
A. This command records the log file MD5 hash value
B. This command records passwords in log files and encrypts them
C. This command encrypts log transfer between FortiAnalyzer and other devices
D. This command records the log file MD5 hash value and authentication code
Correct answer: A
Question #22
Which statements are correct regarding FortiAnalyzer reports? (Choose two)
A. FortiView
B. Event Management
C. Device Manager
D. Reporting
Correct answer: AB
Question #23
What can the CLI command # diagnose test application oftpd 3 help you to determine?
A. What devices and IP addresses are connecting to FortiAnalyzer
B. What logs, if any, are reaching FortiAnalyzer
C. What ADOMs are enabled and configured
D. What devices are registered and unregistered
Correct answer: A
Question #24
FortiAnalyzer uses the Optimized Fabric Transfer Protocol (OFTP) over SSL for what purpose?
A. To upload logs to an SFTP server
B. To prevent log modification during backup
C. To send an identical set of logs to a second logging server
D. To encrypt log communication between devices
Correct answer: D
Question #25
Why run the command diagnose sql status sqlplugind?
A. To list the current SQL processes running
B. To check what is the database log insertion status
C. To display the SQL query connections and hcache status
D. To view the current hcache size
Correct answer: C
Question #26
What is the main purpose of using an NTP server on FortiAnalyzer and all of its registered devices?
A. Log correlation
B. Host name resolution
C. Log collection
D. Real-time forwarding
Correct answer: A
Question #27
If a hard disk fails on a FortiAnalyzer that supports software RAID, what should you do to bring the FortiAnalyzer back to functioning normally, without losing data?
A. Hot swap the disk
B. Replace the disk and rebuild the RAID manually
C. Take no action if the RAID level supports a failed disk
D. Shut down FortiAnalyzer and replace the disk
Correct answer: D
Question #28
View the exhibit. What does the data point at 14:35 tell you?
A. FortiAnalyzer is dropping logs
B. FortiAnalyzer is indexing logs faster than logs are being received
C. FortiAnalyzer has temporarily stopped receiving logs so older logs can be indexed
D. The sqlplugind daemon is ahead in indexing by one log
Correct answer: B
Question #29
Refer to the exhibit. What does the data point at 12.20 indicate?
A. The performance of FortiAnalyzer is below the baseline
B. FortiAnalyzer is using its cache to avoid dropping logs
C. The log insert lag time is increasing
D. The sqlplugind service is caught up with new logs
Correct answer: C
Question #30
For which two purposes would you use the command set log checksum? (Choose two.)
A. The received rate is almost at its maximum for this device
B. The sqlplugind daemon is behind in log indexing by two logs
C. Logs are being dropped
D. Raw logs are reaching FortiAnalyzer faster than they can be indexed
Correct answer: AB
Question #31
Which statement about the FortiSIEM management extension is correct?
A. Allows you to manage the entire life cycle of a threat or breach
B. Its use of the available disk space is capped at 50%
C. It requires a licensed FortiSIEM supervisor
D. It can be installed as a dedicated VM
Correct answer: C
Question #32
Which two statements are true regarding FortiAnalyzer log forwarding? (Choose two.)
A. Both modes, forwarding and aggregation, support encryption of logs between devices
B. In aggregation mode, you can forward logs to syslog and CEF servers as well
C. Aggregation mode stores logs and content files and uploads them to another FortiAnalyzer device at a scheduled time
D. Forwarding mode forwards logs in real time only to other FortiAnalyzer devices
Correct answer: BD
Question #33
Which FortiAnalyzer feature allows you to retrieve the archived logs matching a specific timeframe from another FortiAnalyzer device?
A. Log upload
B. Indicators of Compromise
C. Log forwarding an aggregation mode
D. Log fetching
Correct answer: D
Question #34
If a hard disk fails on a FortiAnalyzer that supports software RAID, what should you do to bring the FortiAnalyzer back to functioning normally, without losing data?
A. Hot swap the disk
B. Replace the disk and rebuild the RAID manually
C. Take no action if the RAID level supports a failed disk
D. Shut down FortiAnalyzer and replace the disk
Correct answer: D
Question #35
Which log type does the FortiAnalyzer indicators of compromise feature use to identify infected hosts?
A. Antivirus logs
B. Web filter logs
C. IPS logs
D. Application control logs
Correct answer: B
Question #36
Which FortiAnalyzer feature allows you to retrieve the archived logs matching a specific timeframe from another FortiAnalyzer device?
A. Log upload
B. Indicators of Compromise
C. Log forwarding an aggregation mode
D. Log fetching
Correct answer: D
Question #37
Which two statements are correct regarding the export and import of playbooks? (Choose two.)
A. You can import a playbook even if there is another one with the same name in the destination
B. Playbooks can be exported and imported only within the same FortiAnalyzer device
C. You can export only one playbook at a time
D. A playbook that was disabled when it was exported will be disabled when it is imported
Correct answer: AD
Question #38
What can the CLI command # diagnose test application oftpd 3 help you to determine?
A. What devices and IP addresses are connecting to FortiAnalyzer
B. What logs, if any, are reaching FortiAnalyzer
C. What ADOMs are enabled and configured
D. What devices are registered and unregistered
Correct answer: A
Question #39
Why should you use an NTP server on FortiAnalyzer and all registered devices that log into FortiAnalyzer?
A. To properly correlate logs
B. To use real-time forwarding
C. To resolve host names
D. To improve DNS response times
Correct answer: A
Question #40
View the exhibit. What does the data point at 14:35 tell you?
A. FortiAnalyzer is dropping logs
B. FortiAnalyzer is indexing logs faster than logs are being received
C. FortiAnalyzer has temporarily stopped receiving logs so older logs can be indexed
D. The sqlplugind daemon is ahead in indexing by one log
Correct answer: B
Question #41
View the exhibit. Why is the total quota less than the total system storage?
A.
B. Some space is reserved for system use, such as storage of compression files, upload files, and temporary report files
C. The oftpd process has not archived the logs yet
D. The logfiled process is just estimating the total quota
Correct answer: B
Question #42
FortiAnalyzer reports are dropping analytical data from 15 days ago, even though the data policy setting for analytics logs is 60 days. What is the most likely problem?
A. Quota enforcement is acting on analytical data before a report is complete
B. Logs are rolling before the report is run
C. CPU resources are too high
D. Disk utilization for archive logs is set for 15 days
Correct answer: B
Question #43
You need to upgrade your FortiAnalyzer firmware. What happens to the logs being sent to FortiAnalyzer from FortiGate during the time FortiAnalyzer is temporarily unavailable?
A. FortiAnalyzer uses log fetching to retrieve the logs when back online
B. FortiGate uses the miglogd process to cache the logs
C. The logfiled process stores logs in offline mode
D. Logs are dropped
Correct answer: B
Question #44
For which two purposes would you use the command set log checksum? (Choose two.)
A. The received rate is almost at its maximum for this device
B. The sqlplugind daemon is behind in log indexing by two logs
C. Logs are being dropped
D. Raw logs are reaching FortiAnalyzer faster than they can be indexed
Correct answer: AB
Question #45
A rogue administrator was accessing FortiAnalyzer without permission, and you are tasked to see what activity was performed by that rogue administrator on FortiAnalyzer. What can you do on FortiAnalyzer to accomplish this?
A. Click Task Monitor and view the tasks performed by that administrator
B. Click Fabric View and view the tasks performed by the rogue administrator
C. Click Log View and generate a report for that administrator
D. Click FortiView and generate a report for that administrator
Correct answer: C
Question #46
Refer to the exhibits. How many events will be added to the incident created after running this playbook?
A. No events will be added
B. Ten events will be added
C. Five events will be added
D. Thirteen events will be added
Correct answer: D
Question #47
Which statement describes a dataset in FortiAnalyzer?
A. They determine what data is retrieved from the database
B. They provide the layout used for reports
C. They are used to set the data included in templates
D. They define the chart types to be used in reports
Correct answer: A
Question #48
Which FortiAnalyzer feature allows you to use a proactive approach when managing your network security?
A. Outbreak alert services
B. FortiView Monitor
C. Threat hunting
D. Incidents dashboard
Correct answer: C
Question #49
Which two actions should an administrator take to view Compromised Hosts on FortiAnalyzer? (Choose two.)
A. Enable web filtering in firewall policies on FortiGate devices, and make sure these logs are sent to FortiAnalyzer
B. Make sure all endpoints are reachable by FortiAnalyzer
C. Enable device detection on an interface on the FortiGate devices that are connected to the FortiAnalyzer device
D. Subscribe FortiAnalyzer to FortiGuard to keep its local threat database up to date
Correct answer: AC
Question #50
What is the purpose of a dataset query in FortiAnalyzer?
A. It sorts log data into tables
B. It extracts the database schema
C. It retrieves log data from the database
D. It injects log data into the database
Correct answer: C
Question #51
Logs are being deleted from one of the ADOMs earlier than the configured setting for archiving in the data policy. What is the most likely problem?
A. CPU resources are too high
B. Logs in that ADOM are being forwarded, in real-time, to another FortiAnalyzer device
C. The total disk space is insufficient and you need to add other disk
D. The ADOM disk quota is set too low, based on log rates
Correct answer: D
Question #52
Refer to the exhibit. What does the data point at 14:55 tell you?
A. Shut down FortiAnalyzer and then replace the disk
B. Downgrade your RAID level, replace the disk, and then upgrade your RAID level
C. Clear all RAID alarms and replace the disk while FortiAnalyzer is still running
D. Perform a hot swap
Correct answer: D
Question #53
You have recently grouped multiple FortiGate devices into a single ADOM. System Settings > Storage Info shows the quota used. What does the disk quota refer to?
A. The maximum disk utilization for each device in the ADOM
B. The maximum disk utilization for the FortiAnalyzer model
C. The maximum disk utilization for the ADOM type
D. The maximum disk utilization for all devices in the ADOM
Correct answer: D
Question #54
Which log will generate an event with the status Contained?
A. An IPS log with action=pass
B. A WebFilter log with action=dropped
C. An AV log with action=quarantine
D. An AppControl log with action=blocked
Correct answer: C
Question #55
Which tabs do not appear when FortiAnalyzer is operating in Collector mode?
A. FortiAnalyzer overwrites the log files
B. FortiAnalyzer stops logging
C. FortiAnalyzer rolls the active log by renaming the file
D. FortiAnalyzer forwards logs to syslog
Correct answer: B
Question #56
You created a playbook on FortiAnalyzer that uses a FortiOS connector. When configuring the FortiGate side, which type of trigger must be used so that the actions in an automation stitch are available in the FortiOS connector?
A. FortiAnalyzer Event Handler
B. Incoming webhook
C. FortiOS Event Log
D. Fabric Connector event
Correct answer: C
Question #57
Which two constraints can impact the amount of reserved disk space required by FortiAnalyzer? (Choose two.)
A. The disk quota for the FortiAnalyzer model
B. The disk quota for all devices in the ADOM
C. The disk quota for each device in the ADOM
D. The disk quota for the ADOM type
Correct answer: BD
Question #58
Which two statements are correct regarding the export and import of playbooks? (Choose two.)
A. Playbooks can be exported and imported only within the same FortiAnalyzer
B. You can export only one playbook at a time
C. A playbook that was disabled when it was exported will be disabled when it is imported
D. You can import a playbook even if there is another one with the same name in the destination
Correct answer: AC
Question #59
If you upgrade the FortiAnalyzer firmware, which report element can be affected?
A. Custom datasets
B. Report scheduling
C. Report settings
D. Output profiles
Correct answer: A
Question #60
If you upgrade your FortiAnalyzer firmware, what report elements can be affected?
A. SQL FROM statement
B. SQL GET statement
C. SQL SELECT statement
D. SQL EXTRACT statement
Correct answer: D
