For which two purposes would you use the command set log checksum? (Choose two.)
A . To help protect against man-in-the-middle attacks during log upload from FortiAnalyzer to an SFTP server
B . To prevent log modification or tampering
C . To encrypt log communications
D . To send an identical set of logs to a second logging server
Answer: A,B
Explanation:
To prevent the log in the store from being modified, you can add a log checksum by using the config system global command. When the log is split, archived, and the log is uploaded (if the feature is enabled), you can configure the FortiAnalyzer to log the log file hash value, timestamp, and authentication code. This can help defend against man-in-the-middle attacks when uploading log transmission data from the
FortiAnalyzer to the SFTP server.
Leave a Reply