Refer to the exhibits.

Page 306 of 7.0 study guide Reference: https://help.fortinet.com/fa/faz50hlp/56/5-6-2/FMG- FAZ/2300_Reports/0025_Auto-cache.htm

How many events will be added to the incident created after running this playbook?

A. Ten events will be added.

B. No events will be added.

C. Five events will be added.

D. Thirteen events will be added.

Which statements are true regarding securing communications between FortiAnalyzer and FortiGate with IPsec? (Choose two.)

A. Must configure the FortiAnalyzer end of the tunnel only--the FortiGate end is auto- negotiated.

B. Must establish an IPsec tunnel ID and pre-shared key.

C. IPsec cannot be enabled if SSL is enabled as well.

D. IPsec is only enabled through the CLI on FortiAnalyzer.

What is the purpose of a dataset query in FortiAnalyzer?

A. It sorts log data into tables

B. It extracts the database schema

C. It retrieves log data from the database

D. It injects log data into the database

After you have moved a registered logging device out of one ADOM and into a new ADOM, what is the purpose of running the following CLI command? execute sql-local rebuild-adom

A. To reset the disk quota enforcement to default

B. To remove the analytics logs of the device from the old database

C. To migrate the archive logs to the new ADOM

D. To populate the new ADOM with analytical logs for the moved device, so you can run reports

What can the CLI command # diagnose test application oftpd 3 help you to determine?

A. What devices and IP addresses are connecting to FortiAnalyzer

B. What logs, if any, are reaching FortiAnalyzer

C. What ADOMs are enabled and configured

D. What devices are registered and unregistered

Which clause is considered mandatory in SELECT statements used by the FortiAnalyzer to generate reports?

A. FROM

B. LIMIT

C. WHERE

D. ORDER BY

What is the best approach to handle a hard disk failure on a FortiAnalyzer that supports hardware RAID?

A. Hot swap the disk.

B. There is no need to do anything because the disk will self-recover.

C. Run execute format disk to format and restart the FortiAnalyzer device.

D. Shut down FortiAnalyzer and replace the disk

Which two purposes does the auto cache setting on reports serve? (Choose two.)

A. It automatically updates the hcache when new logs arrive.

B. It provides diagnostics on report generation time.

C. It reduces the log insert lag rate.

D. It reduces report generation time.

View the exhibit.

What does the data point at 14:35 tell you?

A. FortiAnalyzer is dropping logs.

B. FortiAnalyzer is indexing logs faster than logs are being received.

C. FortiAnalyzer has temporarily stopped receiving logs so older logs' can be indexed.

D. The sqlplugind daemon is ahead in indexing by one log.

Which two methods can you use to send event notifications when an event occurs that matches a configured event handler? (Choose two.)

A. SMS

B. Email

C. SNMP

D. IM