FCP – FortiAnalyzer Administrator 7.4 — Question 31

Which two statements regarding FortiAnalyzer log forwarding modes are true? (Choose two.)

Answer options

• A. Both modes, forwarding and aggregation, support encryption of logs between devices.
• B. In aggregation mode, you can forward logs to syslog and CEF servers.
• C. Forwarding mode forwards logs in real time only to other FortiAnalyzer devices.
• D. Aggregation mode stores logs and content files and uploads them to another FortiAnalyzer device at a scheduled time.

Correct answer: A, D

Explanation

Option A is correct because both forwarding and aggregation modes allow for log encryption during transmission. Option D is also correct as aggregation mode is designed to store logs and send them later. Option B is incorrect because aggregation mode does not support forwarding to syslog and CEF servers, and option C is misleading since forwarding mode can also send logs to other devices, not just limited to FortiAnalyzer devices.