What FortiGate process caches logs when FortiAnalyzer is not reachable?

A. logfiled

B. sqlplugind

C. oftpd

D. miglogd

Which two statements are true regarding high availability (HA) on FortiAnalyzer? (Choose two.)

A. FortiAnalyzer HA can function without VRRP. and VRRP is required only if you have more than two FortiAnalyzer devices in a cluster.

B. FortiAnalyzer HA supports synchronization of logs as well as some system and configuration settings.

C. All devices in a FortiAnalyzer HA cluster must run in the same operation mode: analyzer or collector.

D. FortiAnalyzer HA implementation is supported by many public cloud infrastructures such as AWS, Microsoft Azure, and Google Cloud.

What purposes does the auto-cache setting on reports serve? (Choose two.)

A. To reduce report generation time

B. To automatically update the hcache when new logs arrive

C. To reduce the log insert lag rate

D. To provide diagnostics on report generation time

A rogue administrator was accessing FortiAnalyzer without permission, and you are tasked to see what activity was performed by that rogue administrator on FortiAnalyzer.

What can you do on FortiAnalyzer to accomplish this?

A. Click FortiView and generate a report for that administrator.

B. Click Task Monitor and view the tasks performed by that administrator.

C. Click Log View and generate a report for that administrator.

D. View the tasks performed by the rogue administrator in Fabric View.

In Log View, you can use the Chart Builder feature to build a dataset and chart based on the filtered search results.

Similarly, which feature you can use for FortiView?

A. Export to Report Chart

B. Export to PDF

C. Export to Chart Builder

D. Export to Custom Chart

Which two purposes does the auto cache setting on reports serve? (Choose two.)

A. It automatically updates the hcache when new logs arrive.

B. It provides diagnostics on report generation time.

C. It reduces the log insert lag rate.

D. It reduces report generation time.

FortiAnalyzer reports are dropping analytical data from 15 days ago, even though the data policy setting for analytics logs is 60 days.

What is the most likely problem?

A. Quota enforcement is acting on analytical data before a report is complete

B. Logs are rolling before the report is run

C. CPU resources are too high

D. Disk utilization for archive logs is set for 15 days

For which two SAML roles can the FortiAnalyzer be configured? (Choose two.)

A. Principal

B. Service provider

C. Identity collector

D. Identity provider

After you have moved a registered logging device out of one ADOM and into a new ADOM, what is the purpose of running the following CLI command?

execute sql-local rebuild-adom

A. To reset the disk quota enforcement to default

B. To remove the analytics logs of the device from the old database

C. To migrate the archive logs to the new ADOM

D. To populate the new ADOM with analytical logs for the moved device, so you can run reports

How can you configure FortiAnalyzer to permit administrator logins from only specific locations?

A. Use static routes

B. Use administrative profiles

C. Use trusted hosts

D. Use secure protocols