FCP_FAZ_AD-7.4 Exam Dumps - FCP - FortiAnalyzer 7.4 Administrator

Question # 17

Refer to the exhibit.

Laptop1 is used by several administrators to manage FortiAnalyzer. You want to configure a generic text filter that matches all login attempts to the web interface generated by any user other than "admin" and coming from Laptop1.

Which filter will achieve the desired result?

A.

operation~login & performed_on=="GUI(10.1.1.100)" & user!=admin

B.

operation~login & srcip==10.1.1.100 & dstip==10.1.1.210 & user==admin

C.

operation~login & dstip==10.1.1.210 & user!~admin

D.

operation~login & performed_on=="GUI(10.1.1.210)" & user!=admin

Question # 18

Why run the command diagnose sql status sqlplugind?

A.

To list the current SQL processes running

B.

To check what is the database log insertion status

C.

To display the SQL query connections and hcache status

D.

To view the current hcache size

Question # 19

FortiAnalyzer reports are dropping analytical data from 15 days ago, even though the data policy setting for analytics logs is 60 days.

What is the most likely problem?

A.

Quota enforcement is acting on analytical data before a report is complete

B.

Logs are rolling before the report is run

C.

CPU resources are too high

D.

Disk utilization for archive logs is set for 15 days

Question # 20

What is the purpose of trigger variables?

A.

To display statistics about the playbook runtime

B.

To use information from the trigger to filter the action in a task

C.

To provide the trigger information to make the playbook start running

D.

To store the start times of playbooks with On_Schedule triggers

Question # 21

Which two of the available registration methods place the device automatically in its assigned ADOM? (Choose two.)

A.

Serial number

B.

Pre-shared key

C.

Fabric Authorization

D.

Request from the device

Question # 22

Refer to the exhibit.

Which statement is correct regarding the event displayed?

A.

The security risk was blocked or dropped.

B.

The security event risk is considered open.

C.

An incident was created from this event.

D.

The risk source is isolated.

Question # 23

You are using RAID with a FortiAnalyzer that supports software RAID, and one of the hard disks on FortiAnalyzer has failed.

What is the recommended method to replace the disk?

A.

Shut down FortiAnalyzer and then replace the disk

B.

Downgrade your RAID level, replace the disk, and then upgrade your RAID level

C.

Clear all RAID alarms and replace the disk while FortiAnalyzer is still running

D.

Perform a hot swap

Question # 24

Which two of the following must you configure on FortiAnalyzer to email a FortiAnalyzer report externally? (Choose two.)

A.

Mail server

B.

Output profile

C.

SFTP server

D.

Report scheduling
