QUESTION: 61

Which statements are true regarding securing communications between FortiAnalyzer and FortiGate with IPsec? (Choose two.)

Must configure the FortiAnalyzer end of the tunnel only--the FortiGate end is auto-negotiated.
Must establish an IPsec tunnel ID and pre-shared key.
IPsec cannot be enabled if SSL is enabled as well.
IPsec is only enabled through the CLI on FortiAnalyzer.

Answer(s): B,D

Explanation:

Option B is correct because you must establish an IPsec tunnel ID and pre-shared key to secure the communication between FortiAnalyzer and FortiGate with IPsec12. The tunnel ID is a unique identifier for each tunnel and the pre-shared key is a secret passphrase that authenticates the peers.

Option D is correct because IPsec is only enabled through the CLI on FortiAnalyzer1. You cannot configure IPsec settings through the GUI on FortiAnalyzer.

Reveal Solution Next Question

QUESTION: 62

Which two statements about log forwarding are true? (Choose two.)

Forwarded logs cannot be filtered to match specific criteria.
Logs are forwarded in real-time only.
The client retains a local copy of the logs after forwarding.
You can use aggregation mode only with another FortiAnalyzer.

Answer(s): C,D

Explanation:

https://docs.fortinet.com/document/fortianalyzer/6.2.5/administration-guide/420493/modes https://docs.fortinet.com/document/fortianalyzer/6.2.5/administration-guide/621804/log- forwarding

Reveal Solution Next Question

QUESTION: 63

Which two methods can you use to send event notifications when an event occurs that matches a configured event handler? (Choose two.)

SMS
Email
SNMP
IM

Answer(s): B,C

Reference:

https://help.fortinet.com/fa/faz50hlp/60/6-0-2/Content/FortiAnalyzer_Admin_Guide/1800_Events/0200_Event_handlers/0600_Create_event_handlers.htm

https://help.fortinet.com/fa/faz50hlp/60/6-0- 2/Content/FortiAnalyzer_Admin_Guide/1800_Events/0200_Event_handlers/0600_Create_event_ha ndlers.htm

Reveal Solution Next Question