Which two settings must you configure on FortiAnalyzer to allow non-local administrators to authenticate to FortiAnalyzer with any user account in a single LDAP group? (Choose two.)
A. A local wildcard administrator account
B. A remote LDAP server
C. A trusted host profile that restricts access to the LDAP group
D. An administrator group
Refer to the exhibit.
Which image corresponds to the packet capture shown in the exhibit?
A. Option A
B. Option B
C. Option C
D. Option D
What is Log Insert Lag Time on FortiAnalyzer?
A. The number of times in the logs where end users experienced slowness while accessing resources.
B. The amount of lag time that occurs when the administrator is rebuilding the ADOM database.
C. The amount of time that passes between the time a log was received and when it was indexed on FortiAnalyzer.
D. The amount of time FortiAnalyzer takes to receive logs from a registered device
Which statement is true when you are upgrading the firmware on an HA cluster made up of two FortiAnalyzer devices?
A. First, upgrade the secondary device, and then upgrade the primary device.
B. Both FortiAnalyzer devices will be upgraded at the same time.
C. You can enable uninterruptible-upgrade so that the normal FortiAnalyzer operations are not interrupted while the cluster firmware upgrades.
D. You can perform the firmware upgrade using only a console connection.
Which FortiAnalyzer feature allows you to use a proactive approach when managing your network security?
A. Incidents dashboards
B. Threat hunting
C. FortiView Monitor
D. Outbreak alert services
Which two methods are the most common methods to control and restrict administrative access on FortiAnalyzer? (Choose two.)
A. Virtual domains
B. Administrative access profiles
C. Trusted hosts
D. Security Fabric
Refer to the exhibit.
Laptopt is used by several administrators to manage FortiAnalyzer. You want to configure a generic text filter that matches all login attempts to the web interface generated by any user other than "admin" and coming from Laptop1: Which filter will achieve the desired result?
A. operation-login and performed_on=="GUI(10.1.1.100)" and user!=admin
B. operation-login and srcip==10.1.1.100 and dstip==10.1.1.210 and user==admin
C. operation-login and dstip==10.1.1.210 and userl-admin
D. operation-login and performed_on=="GUI(10.1.1.210)' and user!=admin
If a hard disk fails on a FortiAnalyzer that supports software RAID, what should you do to bring the FortiAnalyzer back to functioning normally, without losing data?
A. Hot swap the disk
B. Replace the disk and rebuild the RAID manually
C. Take no action if the RAID level supports a failed disk
D. Shut down FortiAnalyzer and replace the disk
Which two statements about log forwarding are true? (Choose two.)
A. Forwarded logs cannot be filtered to match specific criteria.
B. Logs are forwarded in real-time only.
C. The client retains a local copy of the logs after forwarding.
D. You can use aggregation mode only with another FortiAnalyzer.
What is the purpose of the following CLI command?
A. To add a log file checksum
B. To add the MD's hash value and authentication code
C. To add a unique tag to each log to prove that it came from this FortiAnalyzer
D. To encrypt log communications