Fortinet FCP FAZ AD 7 4 Exam Questions

Questions for the FCP FAZ AD 7 4 were updated on : Nov 23 ,2025

Page 1 out of 13. Viewing questions 1-15 out of 183

Question 1

Which fact must you consider after you enable auto-cache for reports?

  • A. You must rebuild the SQL database for the change to take effect.
  • B. Generating multiple reports simultaneously may cause data corruption.
  • C. You must choose a report type that supports this feature.
  • D. Larger reports may consume excessive system resources.
Answer:

D

User Votes:
A
50%
B
50%
C
50%
D
50%

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 2

The provided image is a multiple-choice question. The question and options are:
Which two statements are true about FortiAnalyzer log forwarding modes? (Choose two.)

  • A. Used storage
  • B. Reserved space
  • C. Retention policy
  • D. Total system storage
Answer:

B,D

User Votes:
A
50%
B
50%
C
50%
D
50%

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 3

For which two purposes would you use the command set log-checksum? (Choose two.)

  • A. To encrypt log communications and data
  • B. To prevent log modification or tampering
  • C. To send an identical set of logs to a second logging server
  • D. To protect log data from man-in-the-middle attacks
Answer:

B,D

User Votes:
A
50%
B
50%
C
50%
D
50%

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 4

Which two statements regarding the log synchronization states for HA on FortiAnalyzer are true?
(Choose two.)

  • A. With Initial Logs Sync, when you add a unit to an HA cluster, the primary device synchronizes its logs with the backup device.
  • B. By default, Log Data Sync is disabled on all backup devices.
  • C. When Log Data Sync is turned on, the backup device reboots and then rebuilds the log database with the synchronized logs.
  • D. Log Data Sync provides real-time log synchronization to all backup devices.
Answer:

C,D

User Votes:
A
50%
B
50%
C
50%
D
50%

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 5

Which process is responsible for enforcing the archive file size?

  • A. oftpd
  • B. logfiled
  • C. miglogd
  • D. sqlplugind
Answer:

A

User Votes:
A
50%
B
50%
C
50%
D
50%

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 6

Which process caches logs on FortiGate when FortiAnalyzer is not reachable?

  • A. logfiled
  • B. miglogd
  • C. sqlplugind
  • D. oftpd
Answer:

B

User Votes:
A
50%
B
50%
C
50%
D
50%

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 7

An administrator has moved a registered logging device out of one ADOM and into a new ADOM.
What is the purpose of running the following command: execute sql-local rebuild-adom <new-
ADOM-name>?

  • A. To remove the analytics logs of the device from the old database
  • B. To populate the new ADOM with analytical logs for the moved device, so you can run reports
  • C. To reset the ADOM disk quota enforcement to its default value
  • D. To migrate the archive logs to the new ADOM
Answer:

B

User Votes:
A
50%
B
50%
C
50%
D
50%

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 8

Which statement regarding the FortiAnalyzer Fabric is true?

  • A. The Fabric supervisor collects logs from the Fabric members.
  • B. Logging devices can register to the Fabric supervisor or to Fabric members.
  • C. Fabric members support HA.
  • D. Administrators can create new incidents from the Fabric supervisor.
Answer:

C

User Votes:
A
50%
B
50%
C
50%
D
50%

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 9

Which statement is true about ADOMs?

  • A. A fabric ADOM can include all the device types supported by FortiAnalyzer.
  • B. When a FortiAnalyzer Fabric is implemented the default ADOM mode is set to advanced.
  • C. In normal mode, you cannot change the disk quota of the ADOM after its creation.
  • D. You can change the ADOM mode only through the GUI.
Answer:

A

User Votes:
A
50%
B
50%
C
50%
D
50%

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 10

What is the purpose of the FortiAnalyzer command execute format disk?

  • A. To reset all settings from flash except the current IP addresses and routes.
  • B. To erase all device settings and images, databases, and log data from the disk, but preserve the IP and routing info.
  • C. To perform a low-level format of the disk overwriting the hard disk with random data.
  • D. To reset to factory default settings from flash.
Answer:

B

User Votes:
A
50%
B
50%
C
50%
D
50%

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 11

Which two of the available registration methods place the device automatically in its assigned
ADOM? {Choose two.)

  • A. Serial number
  • B. Pre-shared key
  • C. Fabric Authorization
  • D. Request from the device
Answer:

A,B

User Votes:
A
50%
B
50%
C
50%
D
50%

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 12

Which two statements about creating ADOMs are true1? (Choose two.)

  • A. An administrator with the default standard_User profile can create ADOMs.
  • B. Disk quotas can be defined per device inside the ADOM.
  • C. FortiAnalyzer creates default ADOMs when ADOMs are enabled.
  • D. The ADOM type you create must match the device type you are planning to add.
Answer:

C,D

User Votes:
A
50%
B
50%
C
50%
D
50%

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 13

Which two statements are true about FortiAnalyzer log forwarding modes? (Choose two.)

  • A. Both modes, forwarding and aggregation send logs as soon as they are received.
  • B. Aggregation mode requires two FortiAnalyzer devices.
  • C. Forwarding mode forwards logs to other FortiAnalyzer devices syslog servers, or CEF servers.
  • D. Forwarding mode requires configuration on the server side.
Answer:

B,C

User Votes:
A
50%
B
50%
C
50%
D
50%

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 14

What are analytics logs on FortiAnalyzer?

  • A. Logs that are saved in the active log file with the. log extension.
  • B. Logs that are compressed and saved to a log file with the, gz extension.
  • C. Logs that are rolled over when the log file reaches a specific size.
  • D. Logs that are indexed and stored in the SQL database.
Answer:

D

User Votes:
A
50%
B
50%
C
50%
D
50%

Explanation:
Analytics logs on FortiAnalyzer are those that are indexed and stored in the SQL database.
These logs are considered online and provide real-time access for analysis and reporting.
https://help.fortinet.com/fa/faz50hlp/56/5-6-
2/FortiAnalyzer_Admin_Guide/0300_Key_concepts/0600_Log_Storage/0400_Archive_analytics_logs
.htm

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 15

Which statement about the FortiSIEM management extension is correct?

  • A. Allows you to manage the entire life cycle of a threat or breach.
  • B. Its use of the available disk space is capped at 50%.
  • C. It requires a licensed FortiSIEM supervisor.
  • D. It can be installed as a dedicated VM.
Answer:

C

User Votes:
A
50%
B
50%
C
50%
D
50%

Explanation:
MEA - Administration Guide, FortiSIEM 6.7.5
To run the FortiSIEM Collector management extension application, the following requirements must
be met:
FortiAnalyzer 7.0.1 or above
FortiSIEM Supervisor, Worker, Collectors 6.3.0 or above.
FortiSIEM Linux Agent 6.3.0 or above.
FortiSIEM Windows Agent 4.1.2 or above.

Discussions
vote your answer:
A
B
C
D
0 / 1000
To page 2