Fortinet FCP_FAZ_AN-7.4 Practice Test - Questions Answers, Page 5
Question list
Related questions
Which two statements about playbook execution are true? (Choose two)
FortiAnalyzer will not commit changes made by a Failed playbook
The Playbook Monitor provides troubleshooting logs
You can <un the default debugging playbook to investigate playbook errors. O Even I the playbook status is Failed, individual tasks may have succeeded.
You discover that a few reports are taking a long tine lo generate. Which two steps can you Like to troubleshoot? (Choose two.)
Remove old reports from the hcache
Enable auto-cache and run the reports again
Increase the ADOM reports quota
Review report diagnostics
Which two statements about exporting and importing playbacks are true? (Choose two.)
A playbook that was disabled when it was exported mil be disabled when it is imported.
Playbooks can so imported 10 a different FortiAnayzer device, but only if the connectors already exist
You can import a playbook even if there is another one win the same name in the destination
You can export only one playbook at a time.
You are tasked with finding logs corresponding to a suspected attack on your network.
You need to use an interface where all identified threats within timeframe are listed and organized. You also need to be able to quickly export the information to a PDF file.
Where can you go to accomplish this task?
Log Browse
Log View
Fabric View
FortiView
Which statement about automation connectors in FortiAnalyzer is true?
An ADOM with the Fabric type comes with multiple connectors configured.
The local connector becomes available after you configured any external connector.
The local connector becomes available after you connectors are displayed.
The actions available with FortiOS connectors are determined by automation rules configured on FortiGate.
What is the purpose of using data selectors when configuring event handlers?
They filter the types of logs that FortiAnalyzer can accept from registered devices.
They download new filters can be used in event handlers.
They apply their filter criteria to the entire event handler so that you don't have to configure the same criteria in the individual rules.
They are common filters that can be applied simultaneously to all event handlers.
Which statement about exporting items in Report Definitions is true?
Templates can be exported.
Template exports contain associated charts and datasets.
Chart exports contain associated datasets.
Datasets can be exported.
Which log will generate an event with the status Contained?
An AV log with action=quarantine.
An IPS log with action=pass.
A WebFilter log will action=dropped.
An AppControl log with action=blocked.
Exhibit.
What does the data point at 12:20 indicate?
The log insert log time is increasing.
FortiAnalyzer is using its cache to avoid dropping logs.
The performance of FortiAnalyzer is below the baseline.
The sqiplugind service is caught up with the logs
Which statement about the FortiSIEM management extension is correct?
It allows you to manage the entire life cycle of a threat or breach.
It can be installed as a dedicated VM.
Its use of the available disk space is capped at 50%.
It requires a licensed FortiSIEM supervisor.
Question