Question 1
Which two parameters are used to calculate the Total Quota value available on FortiAnalyzer?
(Choose two.)
- A. Used storage
- B. Retention policy
- C. Reserved space
- D. Total system storage
Answer:
C,D
Explanation:
The Total Quota is derived from the total system storage minus any reserved space allocated for
system use, such as databases, system files, or reserved space for log retention policies. Used storage
and retention policies do not directly impact the calculation of the quota available, though they can
influence overall space utilization.
Comments
Question 2
Which two settings must you configure on FortiAnalyzer to allow non-local administrators to
authenticate on FortiAnalyzer with any user account in a single LDAP group? (Choose two.)
- A. A local wildcard administrator account
- B. An administrator group
- C. One or more remote LDAP servers
- D. LDAP servers IP addresses added as trusted hosts
Answer:
B,C
Explanation:
C . One or more remote LDAP servers: FortiAnalyzer needs to be configured to communicate with
your external LDAP server where the user accounts and groups reside. This involves setting up the
LDAP server address, port, and authentication details.
B . An administrator group: You need to create an administrator group on FortiAnalyzer and link it to
the specific LDAP group that contains the users you want to grant administrative access. This allows
any user within that LDAP group to authenticate and have the permissions assigned to the
administrator group on FortiAnalyzer.
This configuration allows FortiAnalyzer to authenticate users against the external LDAP server and
authorize them based on their membership in the designated LDAP group. This way, you don't need
to create individual local accounts for each administrator, simplifying user management and
centralizing authentication.
Comments
Question 3
An administrator has moved a FortiGate device from the root ADOM to ADOM1.
Which two statements are true regarding logs? (Choose two.)
- A. Analytics logs will be moved to ADOM1 from the root ADOM automatically.
- B. Archived logs will be moved to ADOM1 from the root ADOM automatically.
- C. Logs will be present in both ADOMs immediately after the move.
- D. Analytics logs will be moved to ADOM1 from the root ADOM after you rebuild the database.
Answer:
A,D
Explanation:
When a device is moved from one ADOM to another, analytics logs can be moved automatically, but
you may need to rebuild the database for the logs to be fully transferred and usable in the new
ADOM. Archived logs, however, do not move automatically between ADOMs.
Comments
Question 4
Which statement about the communication between FortiGate high availability (HA) clusters and
FortiAnalyzer is true?
- A. If devices were registered to FortiAnalyzer before forming a cluster, you can manually add them together.
- B. FortiAnalyzer distinguishes each cluster member by the IP addresses in log message headers.
- C. If the HA primary device becomes unavailable, you must remove it from the HA cluster list on FortiAnalyzer.
- D. The FortiGate HA cluster must be in active-passive mode in order to avoid conflict.
Answer:
A
Explanation:
This allows FortiAnalyzer to correctly identify and process logs from different members of the HA
cluster.
Comments
Question 5
An administrator has configured the following settings:
What is the purpose of executing these commands?
- A. To record the hash value and authentication code of log files.
- B. To encrypt log transfer between FortiAnalyzer and other devices.
- C. To create the secure channel used by the OFTP process.
- D. To verify the integrity of the log files received.
Answer:
A
Explanation:
The command set log-checksum md5-auth configures FortiAnalyzer to generate an MD5 hash for
each log file, along with an authentication code. This ensures that the integrity of the logs can be
verified, confirming that the logs have not been tampered with.
Comments
Question 6
Which statement correctly describes RAID 10 (1+0) on FortiAnalyzer?
- A. A configuration with four disks, each with 2 TB of capacity, provides a total space of 4 TB.B It combines mirroring striping and distributed parity to provide performance and fault tolerance
- B. A configuration with four disks, each with 2 TB of capacity, provides a total space of 2 TB.
- C. It uses striping to provide performance and fault tolerance.
Answer:
A
Explanation:
RAID 10 combines mirroring (RAID 1) and striping (RAID 0). In a RAID 10 setup with four disks, data is
mirrored across two pairs of disks, and those pairs are striped for performance. This results in
improved performance and fault tolerance, but the total usable storage is 50% of the total raw
storage, meaning four 2 TB disks provide 4 TB of usable space.
Comments
Question 7
Refer to the exhibit, which shows the HA configuration settings of a FortiAnalyzer device.
The administrator wants to join this FortiAnalyzer to an existing HA cluster. What can you conclude
from the configuration displayed?
- A. After joining the cluster, this FortiAnalyzer will forward received logs to its peers.
- B. This FortiAnalyzer will trigger a failover after losing communication with its peers for 10 seconds.
- C. This FortiAnalyzer is configured to route HA traffic through a gateway.
- D. This FortiAnalyzer will join the existing HA cluster as the secondary.
Answer:
D
Explanation:
page 138 of the FortiAnalyzer 7.4 Admin Study Guide. If there is an existing primary device, then this
device becomes a secondary device. The default role is Secondary, so that the device can synchronize
with the primary device. A secondary device cannot become a primary device unit it is synchronized
with the current primary device.
Comments
Question 8
Which two parameters impact the amount of reserved disk space required by FortiAnalyzer? (Choose
two.)
- A. Total quota
- B. License type
- C. RAID level
- D. Disk size
Answer:
C,D
Explanation:
RAID level affects how much disk space is reserved for redundancy and fault tolerance. For example,
RAID 1 mirrors data, meaning you need more space for redundancy, while RAID 5 or RAID 6 reserves
space for parity.
Disk size directly influences the total available and reserved space since the larger the disk, the more
space may need to be reserved for system functions, logs, and other operations.
The total quota and license type do not directly impact the reserved disk space, though they do
influence other aspects of capacity and functionality.
Comments
Question 9
Refer to the exhibit.
The exhibit shows the creation of a new administrator on FortiAnalyzer. The new account uses the
credentials stored on an LDAP server.
Why would an administrator configure a password for this account?
- A. This password is used if the authentication server becomes unreachable.
- B. This password authenticates FortiAnalyzer aqainst the LDAP server.
- C. This password is set to comply with FortiAnalvzer password policy
- D. This password is required because this is a restricted user.
Answer:
A
Explanation:
When using LDAP for authentication, a password can be set locally on FortiAnalyzer as a fallback
option in case the LDAP server becomes unreachable. This ensures that the administrator can still log
in if there are issues with the LDAP server.
Comments
Question 10
In a Fortinet Security Fabric, what can make an upstream FortiGate create traffic logs associated with
sessions initiated on downstream FortiGate devices?
- A. The traffic destination is another FortiGate in the fabric.
- B. The upstream FortiGate is configured to do NAT
- C. Log redundancy is configured in the fabric.
- D. The downstream device cannot connect to FortiAnalyzer.
Answer:
B
Explanation:
When the upstream FortiGate is performing Network Address Translation (NAT), it creates new
session entries for traffic passing through it. As a result, it generates its own traffic logs for those
sessions, even if the sessions were initiated on a downstream FortiGate. This is because the
upstream FortiGate is altering the source IP address, making it responsible for tracking the session
details.
Comments
Page 1 out of 18
Viewing questions 1-10 out of 183
page 2