FCP_FAZ_AD-7.4 Practice Exam Questions and Answers

A.  

SQL FROM statement

B.  

SQL GET statement

C.  

SQL SELECT statement

D.  

SQL EXTRACT statement

A.  

Both modes, forwarding and aggregation, support encryption of logs between devices.

B.  

In aggregation mode, you can forward logs to syslog and CEF servers as well.

C.  

Aggregation mode stores logs and content files and uploads them to another FortiAnalyzer device at a scheduled time.

D.  

Forwarding mode forwards logs in real time only to other FortiAnalyzer devices.

A.  

The FortiAnalyzer stops logging once the disk log quota is met.

B.  

The FortiAnalyzer automatically sets the disk log quota based on the device.

C.  

The FortiAnalyzer can overwrite the oldest logs or stop logging once the disk log quota is met.

D.  

The FortiAnalyzer disk log quota is configurable, but has a minimum o 100mb a maximum based on the reserved system space.

A.  

The endpoint is marked as Compromised and. optionally, can be put in quarantine.

B.  

FortiAnalyzer flags the associated host for further analysis.

C.  

A new Infected entry is added for the corresponding endpoint.

D.  

The detection engine classifies those logs as Suspicious

A.  

Analytics logs will be moved to ADOM1 from the root ADOM automatically.

B.  

Archived logs will be moved to ADOM1 from the root ADOM automatically.

C.  

Logs will be present in both ADOMs immediately after the move.

D.  

Analytics logs will be moved to ADOM1 from the root ADOM after you rebuild the database.

A.  

The connection between FortiGate and FortiAnalyzer is overloaded.

B.  

FortiGate has logs to send, but FortiAnalyzer is unavailable.

C.  

FortiGate is configured to send logs in batches.

D.  

FortiGate is sending logs again after it performed a reboot.

A.  

Use the execute sql-local rebuild-db command to rebuild all ADOM databases.

B.  

Use the execute sql-local rebuild-adom ADOM1 command to rebuild the ADOM database.

C.  

Use the execute sql-report run ADOM1 command to run a report.

D.  

Use the execute sql-local rebuild-adom root command to rebuild the ADOM database.

A.  

It automatically updates the hcache when new logs arrive.

B.  

It provides diagnostics on report generation time.

C.  

It reduces the log insert lag rate.

D.  

It reduces report generation time.

A.  

To store playbook execution statistics

B.  

To use the output of the previous task as the input of the current task

C.  

To display details of the connectors used by a playbook

D.  

To save all the task settings when a playbook is exported

A.  

Logs must be purged or migrated before you can delete an ADOM.

B.  

ADOMs with registered devices cannot be deleted.

C.  

Default ADOMs cannot be deleted.

D.  

The status of the ADOMs must be unlocked.