NSE5_FAZ-7.2 Exam Dumps - Fortinet Certification Questions and Answers

Pg 70: “after you add and register a FortiGate device with the FortiAnalyzer unit, you must also ensure that the FortiGate device is configured to send logs to the FortiAnalyzer unit.”

https://docs.fortinet.com/uploaded/files/4614/FortiAnalyzer-5.4.6-Administration%20Guide.pdf

Pg 45: “ADOMs must be enabled to support the logging and reporting of NON-FORTIGATE devices, such as FortiCarrier, FortiClientEMS, FortiMail, FortiWeb, FortiCache, and FortiSandbox.”

• Super_User, which, like in FortiGate, provides access to all device and system privileges.

• Standard_User, which provides read and write access to device privileges, but not system privileges.

• Restricted_User, which provides read access only to device privileges, but not system privileges. Access

to the Management extensions is also removed.

• No_Permissions_User, which provides no system or device privileges. Can be used, for example, to

temporarily remove access granted to existing admins.

FortiAnalyzer_7.0_Study_Guide-Online page 42

In order to configure IOC, you require the following:

• A one-year subscription to IOC. Note that FortiAnalyzer does include an evaluation license, but it is restrictive and only meant to give you an idea of how the feature works.

• A web filter services subscription on FortiGate device(s)

• Web filter policies on FortiGate device(s) that send traffic to FortiAnalyzer

Compromised Hosts or Indicators of Compromise service (IOC) is a licensed feature.

To view Compromised Hosts, you must turn on the UTM web filter of FortiGate devices and subscribe your FortiAnalyzer unit to FortiGuard to keep its local threat database synchronized with the FortiGuard threat database. See Subscribing FortiAnalyzer to FortiGuard.

Ref :https://docs.fortinet.com/document/fortianalyzer /6.4.0/administration-guide/137635/viewing-compromised-hosts

https://docs.fortinet.com/document/fortianalyzer/6.2.5/administration-guide/368682/disk-spac e-allocation