In FortiAnalyzer’s FortiView, source and destination IP addresses from FortiGate devices are not resolving to a hostname. How can you resolve the source and destination IPs, without introducing any additional performance impact to FortiAnalyzer?
A. Configure local DNS servers on FortiAnalyzer
B. Resolve IPs on FortiGate
C. Configure # set resolve-ip enable in the...

What statements are true regarding the "store and upload" log transfer option between FortiAnalyzer and FortiGate? (Choose three.)
A. All FortiGates can send logs to FortiAnalyzer using the store and upload option.
B. Only FortiGate models with hard disks can send logs to FortiAnalyzer using the store and upload option.
C. Both secure communications...

How can you configure FortiAnalyzer to permit administrator logins from only specific locations?
A. Use static routes
B. Use administrative profiles
C. Use trusted hosts
D. Use secure protocols
Answer: C
Explanation: https://docs.fortinet.com/document/fortianalyzer/6.2.5/administration-guide/186508/trusted-hosts...

Which log type does the FortiAnalyzer indicators of compromise feature use to identify infected hosts?
A. Antivirus logs
B. Web filter logs
C. IPS logs
D. Application control logs
Answer: B
Explanation: Reference: https://help.fortinet.com/fa/faz50hlp/60/6-0-2/Content/FortiAnalyzer_Admin_Guide/3600_FortiView/0200_Using_FortiView/1200_Compromised_hosts_page.htm?TocPath=FortiView%7CUsing%20FortiView%7C_____6...

Which statement is true regarding Macros on FortiAnalyzer?
A. Macros are ADOM specific and each ADOM will have unique macros relevant to that ADOM.
B. Macros are supported only on the FortiGate ADOM.
C. Macros are useful in generating excel log files automatically based on the reports settings.
D. Macros are predefined templates for...

Consider the CLI command: What is the purpose of the command?
A. To add a unique tag to each log to prove that it came from this FortiAnalyzer
B. To add the MD5 hash value and authentication code
C. To add a log file checksum
D. To encrypt log communications
Answer: C...

If you upgrade the FortiAnalyzer firmware, which report element can be affected?
A. Custom datasets
B. Report scheduling
C. Report settings
D. Output profiles
Answer: B
Explanation: https://docs.fortinet.com/document/fortianalyzer/6.2.5/upgrade-guide/669300/checking-reports...

If a hard disk fails on a FortiAnalyzer that supports software RAID, what should you do to bring the FortiAnalyzer back to functioning normally, without losing data?
A. Hot swap the disk
B. Replace the disk and rebuild the RAID manually
C. Take no action if the RAID level supports a failed disk
D. ...

After you have moved a registered logging device out of one ADOM and into a new ADOM, what is the purpose of running the following CLI command?
execute sql-local rebuild-adom <new-ADOM-name>
A. To reset the disk quota enforcement to default
B. To remove the analytics logs of the device from the old database
C. ...

View the exhibit: What does the 1000MB maximum for disk utilization refer to?
A. The disk quota for the FortiAnalyzer model
B. The disk quota for all devices in the ADOM
C. The disk quota for each device in the ADOM
D. The disk quota for the ADOM type
Answer: B
Explanation:...