New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Fortinet FCP_FAZ_AN-7.6 Exam - Topic 4 Question 1 Discussion

Actual exam question for Fortinet's FCP_FAZ_AN-7.6 exam
Question #: 1
Topic #: 4
[All FCP_FAZ_AN-7.6 Questions]

(How does FortiAnalyzer block indicators? (Choose one answer))

Show Suggested Answer Hide Answer
Suggested Answer: B

Comprehensive and Detailed Explanation From Exact Extract of knowledge of FortiAnalyzer 7.6 Study guide documents:

The FortiAnalyzer study guide states that blocking suspicious indicators is performed by integrating FortiAnalyzer with FortiManager (not by directly pushing a block list to FortiGate). Specifically: ''To use this feature, you must set up an authorized FortiManager connector for the FortiAnalyzer on the Fabric Connector page of FortiAnalyzer.''

It then explains the backend mechanism: ''In the back end, a playbook called Block_indicator runs every 5 minutes to send the information to FortiManager.'' After a successful run, ''the blocked indicator is pushed to the FortiManager External Resource list.'' From there, FortiManager can create threat feeds/security profiles/policy blocks and push policies to FortiGate as needed---however, the study guide clarifies: ''The Blocked status on FortiAnalyzer confirms that the list is updated on FortiManager, but it is not synced to FortiGate.''

Therefore, FortiAnalyzer blocks indicators by using a FortiManager connector and sending the block information to FortiManager (Option B).


by Jaime at Jan 27, 2026, 02:33 AM

Limited Time Offer

25%

Off

Get Premium FCP_FAZ_AN-7.6 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Leatha
5 days ago
I remember practicing a similar question, and I think the answer was about using a connector, but I can't recall which one.
upvoted 0 times
...
Salina
10 days ago
I think it might be option A, but I'm not entirely sure if FortiAnalyzer directly updates FortiGate like that.
upvoted 0 times
...
Kimbery
15 days ago
Ah, I remember learning about this in class. FortiAnalyzer doesn't actually block indicators itself, it just manages the block list and sends it to the FortiGate firewall. I'm pretty confident option B is the correct answer here.
upvoted 0 times
...
Shantell
20 days ago
I'm not too familiar with the specifics of how FortiAnalyzer works, so this is a bit tricky. I'm leaning towards option A or B, since those seem the most likely ways for FortiAnalyzer to update the block list on the FortiGate. But I'm not 100% sure.
upvoted 0 times
...
Lorrie
25 days ago
Okay, let me think this through. FortiAnalyzer is a centralized management and analysis tool, so it probably doesn't directly block indicators itself. My guess is that it uses some kind of connector or integration to push the block list to the FortiGate firewall. I'll go with option B.
upvoted 0 times
...
Elmira
1 month ago
I'm a bit confused on this one. Does FortiAnalyzer actually block indicators itself, or does it just send the block list to another device? I'm not sure which option is the correct answer.
upvoted 0 times
...
Georgiann
1 month ago
Hmm, this one seems pretty straightforward. I think I'll go with option B - it makes sense that FortiAnalyzer would use a FortiManager connector to send the block list.
upvoted 0 times
...

Save Cancel