Unified event correlation and risk management Collect, parse, normalize, index. and store security logs
FortiSIEM
FortiAnalyzer
FortiManager
Hosted subscription-based service Long—term log storage and reporting Bound to Fortinet Support account FortiGate includes a free tier
FortiCloud
Long term, dedicated storage of log data Reports Log limit dependent on model
Syslog
Logging server Central repository for networked devices Consolidates logs
Like FortiAnalyzer. can also store logs and generate reports, but has fixed amount per day that is less than equivalent size FortiAnalyzer
Primary purpose: central administrative management of networked devices
Configure logging options: (select 4)
store-and-upload (CLI configuration only)
Real time
Every Minute
Every 5 Minutes (default)
store-and-download (CLI configuration only)
Every 10 Minutes (default)
Every 30 seconds
By default, if the FortiAnaIyzer disk is full, the oldest logs never are overwritten. However, you can configure FortiAnalyzer to stop logging.
Fortigate uses ___ for log transmission
UDP 514 or TCP 514
UDP 415 or TCP 415
If using reliable logging, you can encrypt communications using
SSL—secured OFTP (OFTPS).
SSL—secured FTPS (FTPS)
SSL—secured FIPS (FIPS).
The primary purpose of which device is to store and analyze logs?
A. FortiAnaIyzer
B. FortiManager
What protocol does FortiGate use to send encrypted logs to FortiAnalyzer?
A. OFTPS
B. SSL
If you enable reliable logging, which transport protocol will FortiGate use?
A. UDP
B. TCP
Hiding user names in logs:
# config log setting set user-anonymize enable end
# config log edit setting set user-anonymous enable end
What setting on your firewall policy must you enable to generate logs on traffic sent through that firewall policy?
A. Log Allowed Traffic
B. Event Logging
Which log type can generate a large number of logs and is therefore disabled by default?
A. Local Traffic Log
What effect does the CLI command set user—anonymize enable have on traffic and UTM logs?
A. Sets the user name in the logs to “anonymous”
B. Sets the user IP in the logs to ¨N/A¨
True or False? Menu items that display under Log & Report depend on the incoming logs.
A. True
B. False
On the FortiGate GUI, log can help you find a specific log entry more efficiently.
A. details
B. filters
With email alerts, you can trigger alert emails based on or log severity level.
A. event
B. threat weight
What happens when logs roll?
A. It lowers the space requirements needed to contain those logs.
B. They are uploaded to an FTP server.
When you download logs on the GUI,...
A. all logs in the SQL database are downloaded.
B. only your current View, including any filters set, are downloaded.
What does the following CLI command do? config log disk setting set upload enable
A. Configures rolled logs to upload to an FTP server
B. Configures rolled logs to upload to any external logging device
