Fortinet FCP_FAZ_AD-7.4 Exam Questions Instant Access

Question 1

Which two statements are true about FortiAnalyzer log forwarding modes? (Choose two.)

ABoth modes, forwarding and aggregation send logs as soon as they are received.

BAggregation mode requires two FortiAnalyzer devices.

CForwarding mode forwards logs to other FortiAnalyzer devices syslog servers, or CEF servers.

DForwarding mode requires configuration on the server side.

Answer : B, C

Question 2

Which clause is considered mandatory in SELECT statements used by the FortiAnalyzer to generate reports?

AFROM

BLIMIT

CWHERE

DORDER BY

Answer : A

Question 3

For proper log correlation between the logging devices and FortiAnalyzer, FortiAnalyzer and all registered

devices should:

AUse DNS

BUse host name resolution

CUse real-time forwarding

DUse an NTP server

Answer : D

Question 4

What is the purpose of employing RAID with FortiAnalyzer?

ATo introduce redundancy to your log data

BTo provide data separation between ADOMs

CTo separate analytical and archive data

DTo back up your logs

Answer : A

https://en.wikipedia.org/wiki/RAID#:~:text=RAID%20(%22Redundant%20Array%20of%20Inexpensive,%2C%20performance%20improvement%2C%20or%20both.

Question 5

On FortiAnalyzer, what is a wildcard administrator account?

AAn account that permits access to members of an LDAP group

BAn account that allows guest access with read-only privileges

CAn account that requires two-factor authentication

DAn account that validates against any user account on a FortiAuthenticator

Answer : A

https://docs.fortinet.com/document/fortigate/6.2.0/cookbook/747268/configuring-wildcard-admin-accounts

Question 6

Which statements are true regarding securing communications between FortiAnalyzer and FortiGate with IPsec? (Choose two.)

AMust configure the FortiAnalyzer end of the tunnel only--the FortiGate end is auto-negotiated.

BMust establish an IPsec tunnel ID and pre-shared key.

CIPsec cannot be enabled if SSL is enabled as well.

DIPsec is only enabled through the CLI on FortiAnalyzer.

Answer : B, D

Option B is correct because you must establish an IPsec tunnel ID and pre-shared key to secure the communication between FortiAnalyzer and FortiGate with IPsec12. The tunnel ID is a unique identifier for each tunnel and the pre-shared key is a secret passphrase that authenticates the peers.

Option D is correct because IPsec is only enabled through the CLI on FortiAnalyzer1. You cannot configure IPsec settings through the GUI on FortiAnalyzer.

Question 7

What is the purpose of output variables?

ATo store playbook execution statistics

BTo use the output of the previous task as the input of the current task

CTo display details of the connectors used by a playbook

DTo save all the task settings when a playbook is exported

Answer : B

FortiAnalyzer_7.0_Study_Guide-Online.pdf page 242: Output variables allow you to use the output from a preceding task as an input to the current task.

'Output variables allow you to use the output from a preceding task as an input to the current task.' FortiAnalyzer_7.0_Study_Guide-Online page 242

Fortinet FCP - FortiAnalyzer 7.4 Administrator FCP_FAZ_AD-7.4 Exam Questions