NSE5_FAZ-7.0 Online Practice Questions and Answers

Questions 4

What are analytics logs on FortiAnalyzer?

A. Log type Traffic logs.

B. Logs that roll over when the log file reaches a specific size.

C. Logs that are indexed and stored in the SQL.

D. Raw logs that are compressed and saved to a log file.

Browse 114 Q&As
Questions 5

Refer to the exhibit.

Which two statements are true regarding enabling auto-cache on FortiAnalyzer? (Choose two.)

A. Report size will be optimized to conserve disk space on FortiAnalyzer.

B. Reports will be cached in the memory.

C. This feature is automatically enabled for scheduled reports.

D. Enabling auto-cache reduces report generation time for reports that require a long time to assemble datasets.

Questions 6

What is the purpose of a dataset query in FortiAnalyzer?

A. It sorts log data into tables

B. It extracts the database schema

C. It retrieves log data from the database

D. It injects log data into the database

Questions 7

In order for FortiAnalyzer to collect logs from a FortiGate device, what configuration is required? (Choose two.)

A. Remote logging must be enabled on FortiGate

B. Log encryption must be enabled

C. ADOMs must be enabled

D. FortiGate must be registered with FortiAnalyzer

Questions 8

An administrator has configured the following settings:

config system global
    set log-checksum md5-auth
end

What is the significance of executing this command?

A. This command records the log file MD5 hash value.

B. This command records passwords in log files and encrypts them.

C. This command encrypts log transfer between FortiAnalyzer and other devices.

D. This command records the log file MD5 hash value and authentication code.

Questions 9

What statements are true regarding FortiAnalyzer's treatment of high availability (HA) clusters? (Choose two.)

A. FortiAnalyzer distinguishes different devices by their serial number.

B. FortiAnalyzer receives logs from all devices in a cluster.

C. FortiAnalyzer receives logs only from the primary device in the cluster.

D. FortiAnalyzer only needs to know the serial number of the primary device in the cluster; it automatically discovers the other devices.

Questions 10

What remote authentication servers can you configure to validate your FortiAnalyzer administrator logons? (Choose three)

A. RADIUS

B. Local

C. LDAP

D. PKI

E. TACACS+

Questions 11

For which two SAML roles can the FortiAnalyzer be configured? (Choose two.)

A. Principal

B. Service provider

C. Identity collector

D. Identity provider

Questions 12

Refer to the exhibit.

Laptop1 is used by several administrators to manage FortiAnalyzer. You want to configure a generic text filter that matches all login attempts to the web interface generated by any user other than "admin" and coming from Laptop1. Which filter will achieve the desired result?

A. operation~login and performed_on=="GUI(10.1.1.100)" and user!=admin

B. operation~login and srcip==10.1.1.100 and dstip==10.1.1.210 and user==admin

C. operation~login and dstip==10.1.1.210 and user!~admin

D. operation~login and performed_on=="GUI(10.1.1.210)" and user!=admin

Questions 13

What are two advantages of setting up a Fabric ADOM? (Choose two.)

A. It can be used for fast data processing and log correlation

B. It can be used to facilitate communication between devices in the same Security Fabric

C. It can include all Fortinet devices that are part of the same Security Fabric

D. It can include only FortiGate devices that are part of the same Security Fabric

Exam Code: NSE5_FAZ-7.0
Exam Name: Fortinet NSE 5 - FortiAnalyzer 7.0
Last Update: May 12, 2024
Questions: 114 Q&As