Logs are being deleted from one of the ADOMs earlier than the configured setting for archiving in the data policy.

What is the most likely problem?

A. CPU resources are too high

B. Logs in that ADOM are being forwarded, in real-time, to another FortiAnalyzer device

C. The total disk space is insufficient and you need to add other disk

D. The ADOM disk quota is set too low, based on log rates

You are using RAID with a FortiAnalyzer that supports software RAID, and one of the hard disks on FortiAnalyzer has failed.

What is the recommended method to replace the disk?

A. Shut down FortiAnalyzer and then replace the disk

B. Downgrade your RAID level, replace the disk, and then upgrade your RAID level

C. Clear all RAID alarms and replace the disk while FortiAnalyzer is still running

D. Perform a hot swap

What statements are true regarding the "store and upload" log transfer option between FortiAnalyzer and FortiGate? (Choose three.)

A. All FortiGates can send logs to FortiAnalyzer using the store and upload option.

B. Only FortiGate models with hard disks can send logs to FortiAnalyzer using the store and upload option.

C. Both secure communications methods (SSL and IPsec) allow the store and upload option.

D. Disk logging is enabled on the FortiGate through the CLI only.

E. Disk logging is enabled by default on the FortiGate.

For which two SAML roles can the FortiAnalyzer be configured? (Choose two.)

A. Principal

B. Service provider

C. Identity collector

D. Identity provider

What FortiView tool can you use to automatically build a dataset and chart based on a filtered search result?

A. Chart Builder

B. Export to Report Chart

C. Dataset Library

D. Custom View

What can the CLI command # diagnose test application oftpd 3 help you to determine?

A. What devices and IP addresses are connecting to FortiAnalyzer

B. What logs, if any, are reaching FortiAnalyzer

C. What ADOMs are enabled and configured

D. What devices are registered and unregistered

Which log type does the FortiAnalyzer indicators of compromise feature use to identify infected hosts?

A. Antivirus logs

B. Web filter logs

C. IPS logs

D. Application control logs

What must you configure on FortiAnalyzer to upload a FortiAnalyzer report to a supported external server? (Choose two.)

A. SFTP, FTP, or SCP server

B. Mail server

C. Output profile

D. Report scheduling

FortiAnalyzer centralizes which functions? (Choose three)

A. Network analysis

B. Graphical reporting

C. Content archiving / data mining

D. Vulnerability assessment

E. Security log analysis / forensics

What is the purpose of a dataset query in FortiAnalyzer?

A. It sorts log data into tables

B. It extracts the database schema

C. It retrieves log data from the database

D. It injects log data into the database