When you perform a system backup, what does the backup configuration contain? (Choose two.) 〖执行系统备份时,备份配置包含哪些内容?(选择两个)〗
A. Generated reports 〖生成的报告〗
B. Device list 〖设备列表〗
C. Authorized devices logs 〖授权的设备日志〗
D. System information〖系统信息〗
【分析】
备份包含除了实际日志和生成的报告之外的所有内容。
【答案】B D
After you have moved a registered logging device out of one ADOM and into a new ADOM, what is the purpose of running the following CLI command? 〖将已注册的日志设备从一个ADOM移到一个新的ADOM后,运行以下CLI命令的目的是什么?〗
execute sql-local rebuild-adom <new-ADOM-name>
A. To reset the disk quota enforcement to default 〖将磁盘配额强制设置为默认值〗
B. To remove the analytics logs of the device from the old database 〖从旧数据库中删除设备的分析日志〗
C. To migrate the archive logs to the new ADOM 〖将归档日志迁移到新的ADOM〗
D. To populate the new ADOM with analytical logs for the moved device, so you can run reports〖用移动设备的分析日志填充新的ADOM,以便运行报告〗
【分析】
在新的ADOM中,报告需要设备的分析日志吗?如果是,则需要重新构建新的ADOM SQL数据库。移动设备时,只有归档日志(压缩日志)被迁移到新的ADOM。在重新构建数据库之前,分析日志(索引日志)会一直保存在旧的ADOM中。
【答案】D
FortiAnalyzer reports are dropping analytical data from 15 days ago, even though the data policy setting for analytics logs is 60 days. 〖FortiAnalyzer报告删除了15天前的分析数据,即使分析日志的数据策略设置是60天。〗
What is the most likely problem? 〖最可能出现的问题是什么?〗
A. Quota enforcement is acting on analytical data before a report is complete 〖配额执行是在报告完成之前对分析数据采取行动〗
B. Logs are rolling before the report is run 〖日志在运行报表之前滚动〗
C. CPU resources are too high 〖CPU资源过高〗
D. Disk utilization for archive logs is set for 15 days〖归档日志的磁盘利用率设置为15天〗
【分析】
给ADOM分配配额不足会导致许多问题。如果配额执行在报告完成之前对分析数据采取行动,则会对报告产生不利影响。
【答案】A
For which two purposes would you use the command set log checksum? (Choose two.) 〖出于哪两个目的,你会使用命令set log checksum?(选择两个)〗
A. To help protect against man-in-the-middle attacks during log upload from FortiAnalyzer to an SFTP server 〖在从FortiAnalyzer上传日志到SFTP服务器时,帮助防止中间人攻击〗
B. To prevent log modification or tampering 〖防止日志被修改或篡改〗
C. To encrypt log communications 〖加密日志通信〗
D. To send an identical set of logs to a second logging server〖将一组相同的日志发送到第二个日志服务器〗
【分析】
为了防止日志在存储时被篡改,可以使用config system global命令添加日志校验和。你可以配置FortiAnalyzer来记录日志文件散列值、时间戳和身份验证代码,当日志被滚动和归档时,以及当日志被上传时(如果启用了该特性)。这也可以帮助防止中间人在日志上传期间从FortiAnalyzer传输到SSH文件传输协议(SFTP)服务器。
【答案】A B
Refer to the exhibit. 〖查看下列图片。〗
What does the data point at 14:55 tell you? 〖14:55的数据告诉你什么?〗
A. The received rate is almost at its maximum for this device 〖该设备的接收速率几乎达到了它的最大值〗
B. The sqlplugind daemon is behind in log indexing by two logs 〖sqlplugind守护进程在日志索引方面落后于两个日志〗
C. Logs are being dropped 〖日志正在被删除〗
D. Raw logs are reaching FortiAnalyzer faster than they can be indexed〖原始日志到达FortiAnalyzer的速度比建立索引的速度要快〗
【分析】
插入速率与接收速率是一个图表,它显示了原始日志到达FortiAnalyzer的速率(接收速率)和被SQL数据库和sqlplugind守护进程索引的速率(插入速率)。
【答案】D
Why should you use an NTP server on FortiAnalyzer and all registered devices that log into FortiAnalyzer? 〖为什么要在FortiAnalyzer和登录到FortiAnalyzer的所有注册设备上使用NTP服务器?〗
A. To properly correlate logs 〖正确地关联日志〗
B. To use real-time forwarding 〖使用实时转发〗
C. To resolve host namese 〖解析主机名称〗
D. To improve DNS response times〖提高DNS响应时间〗
【分析】
将FortiAnalyzer和所有注册设备上的时间与NTP服务器同步,以实现正确的日志相关性。
【答案】A
Which two constraints can impact the amount of reserved disk space required by FortiAnalyzer? (Choose two.) 〖哪两个约束会影响FortiAnalyzer所需的预留磁盘空间数量?(选择两个)〗
A. License type 〖许可证类型〗
B. Disk size 〖磁盘大小〗
C. Total quota 〖配额总数〗
D. RAID level〖RAID级别〗
【分析】
如果使用RAID, RAID级别会影响磁盘大小和预留的确定配额水平。
【答案】B D
You are using RAID with a FortiAnalyzer that supports software RAID, and one of the hard disks on FortiAnalyzer has failed What is the recommended method to replace the disk? 〖你正在使用支持软件RAID的FortiAnalyzer的RAID,并且FortiAnalyzer上的一个硬盘已经失效。更换硬盘的建议方法是什么?〗
A. Shut down FortiAnalyzer and then replace the disk 〖关闭FortiAnalyzer,然后更换磁盘〗
B. Downgrade your RAID level, replace the disk, and then upgrade your RAID level 〖请先降低RAID级别,然后更换硬盘,再升级RAID级别〗
C. Clear all RAID alarms and replace the disk while FortiAnalyzer is still running 〖请清除所有RAID告警,并在FortiAnalyzer运行时更换硬盘〗
D. Perform a hot swap〖进行热插拔〗
【分析】
Fortinet只支持硬件RAID的热插拔,所以建议在有软件RAID的FortiAnalyzer设备上,在更换硬盘之前应该先关闭FortiAnalyzer。
【答案】A
If a hard disk fails on a FortiAnalyzer that supports software RAID, what should you do to bring the FortiAnalyzer back to functioning normally, without losing data? 〖如果支持软件RAID的FortiAnalyzer上的硬盘故障,你应该做什么来使FortiAnalyzer恢复正常功能,而不丢失数据?〗
A. Hot swap the disk 〖热插拔硬盘〗
B. Replace the disk and rebuild the RAID manually 〖请手动更换硬盘并重建RAID〗
C. Take no action if the RAID level supports a failed disk 〖如果RAID级别支持故障盘,则无需处理〗
D. Shut down FortiAnalyzer and replace the disk〖关闭FortiAnalyzer并更换磁盘〗
【分析】
Fortinet只支持硬件RAID的热插拔,所以建议在有软件RAID的FortiAnalyzer设备上,在更换硬盘之前应该先关闭FortiAnalyzer。
【答案】D
You have recently grouped multiple FortiGate devices into a single ADOM. System Settings > Storage Info shows the quota used.What does the disk quota refer to? 〖你最近将多个FortiGate设备分组到一个ADOM中。System Settings > Storage Info显示已使用的配额信息。磁盘配额指的是什么?〗
A. The maximum disk utilization for each device in the ADOM 〖ADOM中每个设备的最大磁盘利用率〗
B. The maximum disk utilization for the FortiAnalyzer model 〖FortiAnalyzer型号的最大磁盘利用率〗
C. The maximum disk utilization for the ADOM type 〖ADOM类型的最大磁盘利用率〗
D. The maximum disk utilization for all devices in the ADOM〖ADOM中所有设备的最大磁盘利用率〗
【分析】
一旦你创造了一个ADOM。你可以设置磁盘配额。这个配额是分配给ADOM的,而不是添加到其中的单个设备。默认情况下,允许的最大磁盘配额为50GB。
【答案】D
扫一扫
240
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
