Skip to Content

Fortinet NSE4_FGT-7.2: What is the default behavior when local disk is full

Question

You have enabled logging on a FortiGate device for event logs and all security logs, and you have set up logging to use the FortiGate local disk. What is the default behavior when the local disk is full?

A. No new log is recorded after the warning is issued when log disk use reaches the threshold of 95%.
B. No new log is recorded until you manually clear logs from the local disk.
C. Logs are overwritten and the first warning is issued when log disk use reaches the threshold of 75%.
D. Logs are overwritten and the only warning is issued when log disk use reaches the threshold of 95%.

Answer

D. Logs are overwritten and the only warning is issued when log disk use reaches the threshold of 95%.

Explanation

The correct answer is D. Logs are overwritten and the only warning is issued when log disk use reaches the threshold of 95%.

According to the FortiGate CLI Reference, the default behavior of logging to the local disk is as follows:

  • When the log disk usage reaches 75%, the FortiGate unit sends a warning message to the console and to the syslog server (if configured).
  • When the log disk usage reaches 95%, the FortiGate unit sends another warning message and stops logging new messages. The FortiGate unit will resume logging when the log disk usage drops below 95%.
  • When the log disk usage reaches 100%, the FortiGate unit overwrites the oldest log files with new ones. The FortiGate unit does not send any warning message for this action.

Therefore, option D is the only one that matches this description. Option A is incorrect because the FortiGate unit will overwrite the logs when the disk is full, not stop logging. Option B is incorrect because the FortiGate unit does not require manual intervention to clear logs from the local disk. Option C is incorrect because the first warning is issued at 75%, not 95%.

Reference

Fortinet NSE 4 – FortiOS 7.2 NSE4_FGT-7.2 certification exam practice question and answer (Q&A) dump with detail explanation and reference available free, helpful to pass the Fortinet NSE 4 – FortiOS 7.2 NSE4_FGT-7.2 exam and earn Fortinet NSE 4 – FortiOS 7.2 NSE4_FGT-7.2 certification.

Alex Lim is a certified IT Technical Support Architect with over 15 years of experience in designing, implementing, and troubleshooting complex IT systems and networks. He has worked for leading IT companies, such as Microsoft, IBM, and Cisco, providing technical support and solutions to clients across various industries and sectors. Alex has a bachelor’s degree in computer science from the National University of Singapore and a master’s degree in information security from the Massachusetts Institute of Technology. He is also the author of several best-selling books on IT technical support, such as The IT Technical Support Handbook and Troubleshooting IT Systems and Networks. Alex lives in Bandar, Johore, Malaysia with his wife and two chilrdren. You can reach him at [email protected] or follow him on Website | Twitter | Facebook

    Ads Blocker Image Powered by Code Help Pro

    Your Support Matters...

    We run an independent site that is committed to delivering valuable content, but it comes with its challenges. Many of our readers use ad blockers, causing our advertising revenue to decline. Unlike some websites, we have not implemented paywalls to restrict access. Your support can make a significant difference. If you find this website useful and choose to support us, it would greatly secure our future. We appreciate your help. If you are currently using an ad blocker, please consider disabling it for our site. Thank you for your understanding and support.