Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

Fortinet Exam NSE6_FAZ-7.2 Topic 3 Question 5 Discussion

Actual exam question for Fortinet's NSE6_FAZ-7.2 exam
Question #: 5
Topic #: 3
[All NSE6_FAZ-7.2 Questions]

A rogue administrator was accessing FortiAnalyzer without permission.

Where can you view the activities that the rogue administrator performed on FortiAnalyzer?

Show Suggested Answer Hide Answer
Suggested Answer: A

To monitor the activities performed by any administrator, including a rogue one, on the FortiAnalyzer, you should use the FortiView feature. FortiView provides a comprehensive overview of the activities and events happening within the FortiAnalyzer environment, including administrator actions, making it the appropriate tool for tracking unauthorized or suspicious activities. Reference: FortiAnalyzer 7.4.1 Administration Guide, 'System Settings > Fabric Management' section.


by Olive at Mar 08, 2024, 02:01 AM

Limited Time Offer

25%

Off

Get Premium NSE6_FAZ-7.2 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Hyman
10 months ago
I think it could be Fabric View. But FortiView seems like a popular choice among us.
upvoted 0 times
...
Barbra
10 months ago
I think FortiView is the correct option to view the activities.
upvoted 0 times
...
Maybelle
10 months ago
But could it be in System Settings as well?
upvoted 0 times
...
Jennifer
10 months ago
I agree with Chantell, Log View seems like a possible option.
upvoted 0 times
...
Chantell
10 months ago
I believe it could also be in Log View.
upvoted 0 times
...
Maybelle
10 months ago
I think the activities can be viewed in FortiView.
upvoted 0 times
...
Marvel
10 months ago
Candidate 3: Yeah, it's important to monitor and track any unauthorized access.
upvoted 0 times
...
Eugene
11 months ago
Candidate 2: That makes sense. Log View could also be a good option to check for the rogue administrator's actions.
upvoted 0 times
...
Jennie
12 months ago
Candidate 1: I'm leaning towards FortiView because it's specifically designed for viewing activities.
upvoted 0 times
...
Layla
12 months ago
Candidate 3: Log View could also show the activities.
upvoted 0 times
...
Brett
1 years ago
Candidate 2: I believe it might be in Fabric View.
upvoted 0 times
...
Patrick
1 years ago
Candidate 1: I think the activities can be viewed in FortiView.
upvoted 0 times
...
Chantell
1 years ago
Nah, I don't think D) System Settings is the right answer. That's more for configuring the overall system, not necessarily tracking user activities. C) Log View is definitely the way to go.
upvoted 0 times
...
Becky
1 years ago
You guys are probably right, but I'm not entirely sure. Couldn't it also be D) System Settings? Maybe we can find some audit logs or user activity information in there as well.
upvoted 0 times
...
Isidra
1 years ago
I agree, C) Log View is the best choice here. The log files should contain detailed information about the rogue administrator's actions, which is exactly what we need to investigate this incident.
upvoted 0 times
Omer
1 years ago
Agreed, we need the detailed information from the log files to investigate this incident thoroughly.
upvoted 0 times
...
Shizue
1 years ago
That's why C) Log View is the most appropriate option.
upvoted 0 times
...
Dong
1 years ago
In this case, we need to focus on the specific activities of the rogue administrator.
upvoted 0 times
...
Ty
1 years ago
But Fabric View could show the overall network fabric, giving more context.
upvoted 0 times
...
Evangelina
1 years ago
True, FortiView provides detailed graphical representations of network activities.
upvoted 0 times
...
Sherly
1 years ago
I think FortiView could also be helpful in this situation.
upvoted 0 times
...
Margarita
1 years ago
C) Log View is the best choice here.
upvoted 0 times
...
...
Lorrie
1 years ago
Hmm, this is a tricky one. I'd say the answer is most likely C) Log View. That's where we can typically see all the activities and events that have taken place on the system, including any unauthorized access attempts.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77