Free Fortinet FCP_FAZ_AD-7.4 Exam Actual Questions

The questions for FCP_FAZ_AD-7.4 were last updated On Oct 29, 2024

Question No. 1

Which two methods can you use to restrict administrative access on FortiAnalyzer? (Choose two.)

Show Answer Hide Answer
Correct Answer: A, D

Configure trusted hosts.

Trusted hosts restrict administrative access to FortiAnalyzer by limiting the IP addresses or subnets from which administrators can log in.

Use administrator profiles.

Administrator profiles define roles and permissions, restricting what specific administrators can access and manage on FortiAnalyzer.

The other options are not applicable because:

Limiting access to specific virtual domains is not applicable to FortiAnalyzer, as virtual domains (VDOMs) are a concept used in FortiGate, not FortiAnalyzer.

Fabric connectors to external LDAP servers are used for authentication purposes but do not directly restrict administrative access based on roles or IP addresses.


Question No. 2

In a Fortinet Security Fabric, what can make an upstream FortiGate create traffic logs associated with sessions initiated on downstream FortiGate devices?

Show Answer Hide Answer
Correct Answer: B

When the upstream FortiGate is performing Network Address Translation (NAT), it creates new session entries for traffic passing through it. As a result, it generates its own traffic logs for those sessions, even if the sessions were initiated on a downstream FortiGate. This is because the upstream FortiGate is altering the source IP address, making it responsible for tracking the session details.


Question No. 3

You finished registering a FortiGate device. After traffic starts to flow through FortiGate, you notice that only some of the logs expected are being received on FortiAnalyzer.

What could be the reason for the logs not arriving on FortiAnalyzer?

Show Answer Hide Answer
Correct Answer: C

This issue can occur if FortiGate is not properly configured to send logs to FortiAnalyzer, such as incorrect logging settings or filters being applied that prevent certain logs from being sent. It's important to verify that logging is enabled on FortiGate and that the correct log settings (such as log severity or log type) are configured for transmission to FortiAnalyzer.


Question No. 4

Which statement correctly describes RAID 10 (1+0) on FortiAnalyzer?

Show Answer Hide Answer
Correct Answer: A

RAID 10 combines mirroring (RAID 1) and striping (RAID 0). In a RAID 10 setup with four disks, data is mirrored across two pairs of disks, and those pairs are striped for performance. This results in improved performance and fault tolerance, but the total usable storage is 50% of the total raw storage, meaning four 2 TB disks provide 4 TB of usable space.


Question No. 5

Which two elements are contained in a system backup created on FortiAnalyzer? (Choose two.)

Show Answer Hide Answer
Correct Answer: C, D

A FortiAnalyzer system backup includes configurations, report settings, and system information, but it does not include logs from registered devices or database snapshots. Logs are stored separately and are not part of the system configuration backup.