NSE 7 – OT Security 6.4 — Question 12

An OT administrator configured and ran a default application risk and control report in FortiAnalyzer to learn more about the key application crossing the network.
However, the report output is empty despite the fact that some related real-time and historical logs are visible in the FortiAnalyzer.
What are two possible reasons why the report output was empty? (Choose two.)

Answer options

• A. The administrator selected the wrong logs to be indexed in FortiAnalyzer.
• B. The administrator selected the wrong time period for the report.
• C. The administrator selected the wrong devices in the Devices section.
• D. The administrator selected the wrong hcache table for the report.

Correct answer: B, C

Explanation

The correct answer is B and C because selecting the wrong time period or devices can result in an empty report if there are no relevant logs for those criteria. Options A and D are incorrect as they do not directly affect the report output when real-time and historical logs are available.