ExamGecko
Search Search Login
Home Home / Fortinet / FCP_FAZ_AD-7.4
Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which two statements regarding FortiAnalyzer log forwarding modes are true? (Choose two.)
Refer to the exhibit. Which image corresponds to the packet capture shown in the exhibit? A) B) C) D)
What does the disk status Degraded mean for RAID management?
Refer to the exhibit. The exhibit shows the creation of a new administrator on FortiAnalyzer. The new account uses the credentials stored on an LDAP server. Why would an administrator configure a password for this account?
What are offline logs on FortiAnalyzer?
What is the purpose of the FortiAnalyzer command diagnose system print netstat?
Which two statements about deleting ADOMs are true? (Choose two.)
Which two parameters are used to calculate the Total Quota value available on FortiAnalyzer? (Choose two.)
Which two settings must you configure on FortiAnalyzer to allow non-local administrators to authenticate on FortiAnalyzer with any user account in a single LDAP group? (Choose two.)
An administrator has moved a FortiGate device from the root ADOM to ADOM1. Which two statements are true regarding logs? (Choose two.)

Question 17 - FCP_FAZ_AD-7.4 discussion

Report
Export

Refer to the exhibit.

The capture displayed was taken on a FortiAnalyzer.

Why is a single IP address shown as the source for all logs received?

A.

FortiAnalyzer is using the device MAC addresses to differentiate their logs.

Answers
A.

FortiAnalyzer is using the device MAC addresses to differentiate their logs.

B.

The logs belong to devices that are part of a high availability (HA) cluster.

Answers
B.

The logs belong to devices that are part of a high availability (HA) cluster.

C.

FortiAnalyzer is receiving logs from the root FortiGate of a Security Fabric.

Answers
C.

FortiAnalyzer is receiving logs from the root FortiGate of a Security Fabric.

D.

The device sending logs has two VDOMs in the same ADOM.

Answers
D.

The device sending logs has two VDOMs in the same ADOM.

Suggested answer: C

Explanation:

In a Fortinet Security Fabric, logs from downstream devices can be sent to FortiAnalyzer through the root FortiGate. This is why all the logs have the same source IP address (the root FortiGate). The root FortiGate aggregates and forwards the logs from all downstream devices, so the source IP in the log capture will appear to be from the root FortiGate itself, even though the logs originate from multiple devices within the fabric.

Show Answer
asked 10/10/2024
Balanavaneethan Nitharsan
29 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms