● FCP - FortiAnalyzer 7.4 Administrator Exam Materials
Please note that the exam "FCP - FortiAnalyzer 7.4 Administrator" is no longer offered by Fortinet and is not available for booking through Pearson VUE, so we opened it on free view,
It has been replaced by the exam "NSE 5 - FortiAnalyzer 7.6 Analyst Exam"
The new exam version is available on Brave-Dumps and can be purchased.
It has been replaced by the exam "NSE 5 - FortiAnalyzer 7.6 Analyst Exam"
The new exam version is available on Brave-Dumps and can be purchased.
Question #91
Question #92
Which statement is true regarding Macros on FortiAnalyzer? (Choose one answer)
- A. Macros are predefined templates for reports and cannot be customized.
- B. Macros are useful in generating excel log files automatically based on the report settings.
- C. Macros are supported only on the FortiGate ADOM.
- D. Macros are ADOM specific and each ADOM has unique macros relevant to that ADOM.
Question #93
A rogue administrator was accessing FortiAnalyzer without permission, and you are tasked to see what activity was performed by that rogue administrator on FortiAnalyzer.
What can you do on FortiAnalyzer to accomplish this?
(Choose one answer)
- A. Click Task Monitor and view the tasks performed by that administrator.
- B. Click Fabric View and view the tasks performed by the rogue administrator.
- C. Click Log View and generate a report for that administrator.
- D. Click FortiView and generate a report for that administrator.
Question #94
Refer to the exhibit.
Which two statements are true regarding enabling auto-cache on FortiAnalyzer?
(Choose two answers)
- A. Enabling auto-cache reduces report generation time for reports that require a long time to assemble datasets.
- B. This feature is automatically enabled for scheduled reports.
- C. Reports will be cached in the memory.
- D. Report size will be optimized to conserve disk space on FortiAnalyzer.
Question #95
In Log View, you can use the Chart Builder feature to build a dataset and chart based on the filtered search results.
Similarly, which feature can you use for FortiView?.
(Choose one answer)
- A. Export to Custom Chart
- B. Export to PDF
- C. Export to Chart Builder
- D. Export to Report Chart
Question #96
Which statement about sending notifications with incident updates is true? (Choose one answer)
- A. Notifications can be sent only when an incident is created or deleted.
- B. You must configure an output profile to send notifications by email.
- C. Each incident can send notifications to a single external platform.
- D. Each connector used can have different notification settings.
Question #97
Which two statements are true regarding log fetching on FortiAnalyzer? (Choose two answers)
- A. Log fetching allows the administrator to fetch analytics logs from another FortiAnalyzer for redundancy.
- B. A FortiAnalyzer device can perform either the fetch server or client role, and it can perform two roles at the same time with the same FortiAnalyzer devices at the other end.
- C. Log fetching can be done only on two FortiAnalyzer devices that are running the same firmware version.
- D. Log fetching allows the administrator to run queries and reports against historical data by retrieving archived logs from one FortiAnalyzer device and sending them to another FortiAnalyzer device.
Question #98
Which SQL query is in the correct order to query the database in the FortiAnalyzer? (Choose one answer)
- A. FROM $log WHERE 'user'='USER1' SELECT devid GROUP BY devid
- B. SELECT devid FROM $log GROUP BY devid WHERE 'user'='USER1'
- C. SELECT devid FROM $log WHERE 'user'='USER1' GROUP BY devid
- D. SELECT devid WHERE 'user'='USER1' FROM $log GROUP BY devid
Question #99
What is the purpose of output variables? (Choose one answer)
- A. To display details of the connectors used by a playbook
- B. To store playbook execution statistics
- C. To save all the task settings when a playbook is exported
- D. To use the output of the previous task as the input of the current task
Question #100
Which statement about sending notifications with incident updates is true? (Choose one answer)
- A. Notifications can be sent only when an incident is created or deleted.
- B. You must configure an output profile to send notifications by email.
- C. Each incident can send notifications to a single external platform.
- D. Each connector used can have different notification settings.
Refer to the exhibit.
Based on the partial outputs displayed above, which devices are ready to be configured as peers in an HA cluster? (Choose one answer)