Fortinet FCP_FAZ_AD-7.4 Exam
FCP - FortiAnalyzer 7.4 Administrator (Page 3)

Updated On: 12-Feb-2026

Refer to the exhibit.



What is the purpose of configuring FortiAnalyzer with the settings displayed in the image?

  1. To increase reliability
  2. To expand bandwidth
  3. To maximize resiliency
  4. To improve security

Answer(s): D

Explanation:

The settings displayed in the image show the creation of a VLAN interface on FortiAnalyzer. The VLAN ID is set to 100, and it is associated with port 5.

The purpose of configuring a VLAN interface like this is generally to improve security.

By creating a VLAN, traffic can be segmented into isolated networks, which helps limit access and enhances security by reducing the broadcast domain and keeping different types of traffic (e.g., management, user, and data traffic) separate.



What are offline logs on FortiAnalyzer?

  1. Compressed logs, also known as archive logs
  2. Logs that are indexed and stored in the SQL database
  3. Any logs collected from offline devices after they boot up
  4. Real-time logs that are not yet indexed

Answer(s): C

Explanation:

These logs are generated when devices that were previously offline come back online and send their log data to the FortiAnalyzer.



Which two elements are contained in a system backup created on FortiAnalyzer? (Choose two.)

  1. Logs from registered devices
  2. Database snapshot
  3. Report information
  4. System information

Answer(s): C,D

Explanation:

A FortiAnalyzer system backup includes configurations, report settings, and system information, but it does not include logs from registered devices or database snapshots. Logs are stored separately and are not part of the system configuration backup.



Refer to the exhibit.



Based on the partial outputs displayed, which devices can be members of a FortiAnalyzer Fabric?

  1. FortiAnalyzer1 and FortiAnalyzer3
  2. All devices listed can be members.
  3. FortiAnalyzer1 and FortiAnalyzer2
  4. FortiAnalyzer2 and FortiAnalyzer3

Answer(s): C

Explanation:

Based on the partial configuration output, the primary factor for determining which devices can be members of a FortiAnalyzer Fabric is the log-mode setting. Devices with the same log mode can be part of the same FortiAnalyzer Fabric.

FortiAnalyzer1: Log mode is set to collector.

FortiAnalyzer2: Log mode is set to collector.

FortiAnalyzer3: Log mode is set to analyzer.

Since FortiAnalyzer1 and FortiAnalyzer2 both have their log modes set to collector, they can be members of a FortiAnalyzer Fabric.

Therefore, the correct answer is FortiAnalyzer1 and FortiAnalyzer2.



You finished registering a FortiGate device. After traffic starts to flow through FortiGate, you notice that only some of the logs expected are being received on FortiAnalyzer.

What could be the reason for the logs not arriving on FortiAnalyzer?

  1. FortiGate was added to the wrong ADOM type.
  2. This FortiGate model is not fully supported.
  3. FortiGate does not have logging configured correctly.
  4. This FortiGate is part of an HA cluster but it is the secondary device.

Answer(s): C

Explanation:

This issue can occur if FortiGate is not properly configured to send logs to FortiAnalyzer, for example because of incorrect logging settings or filters that prevent certain logs from being sent. It's important to verify that logging is enabled on FortiGate and that the correct log settings (such as log severity or log type) are configured for transmission to FortiAnalyzer.





