Fortinet Exam FCP_FAZ_AD-7.4 Topic 2 Question 2 Discussion

Actual exam question for Fortinet's FCP_FAZ_AD-7.4 exam

Question #: 2
Topic #: 2

[All FCP_FAZ_AD-7.4 Questions]

Which two statements regarding FortiAnalyzer log forwarding modes are true? (Choose two.)

ABoth modes, forwarding and aggregation, support encryption of logs between devices.

BIn aggregation mode, you can forward logs to syslog and CEF servers.

CForwarding mode forwards logs in real time only to other FortiAnalyzer devices.

DAggregation mode stores logs and content files and uploads them to another FortiAnalyzer device at a scheduled time.

Show Suggested Answer

Suggested Answer: A, D

Both modes, forwarding and aggregation, support encryption of logs between devices.

Both forwarding and aggregation modes can use encryption to securely transfer logs between FortiAnalyzer devices.

Aggregation mode stores logs and content files and uploads them to another FortiAnalyzer device at a scheduled time.

In aggregation mode, logs are stored and then transferred to another FortiAnalyzer at a scheduled time, rather than in real-time. This mode is typically used when consolidating logs from multiple devices into a central FortiAnalyzer.

The other options are incorrect because:

Forwarding mode sends logs in real-time but not exclusively to other FortiAnalyzer devices; it can also send logs to external systems like syslog servers.

Aggregation mode is primarily for consolidating logs to another FortiAnalyzer and doesn't focus on forwarding logs to syslog or CEF servers.

by Reita at Oct 19, 2024, 11:54 AM

Limited Time Offer

25%

2 months ago

A and D seem to be the correct options here. Forwarding and aggregation modes both support encryption, and aggregation mode allows for scheduled log uploads to other FortiAnalyzer devices.

upvoted 0 times