What should you do if you want to restrict an admin's access to specific functionalities?

Creating a tailored admin profile is the appropriate action to restrict an admin's access to specific functionalities. Within Fortinet's FortiAnalyzer, user management is designed to enhance security and ensure that individuals have only the necessary permissions to perform their tasks. By creating a tailored admin profile, you can specify which actions and features each administrator can access, thus providing fine-grained control over their interaction with the system.

This choice allows for the implementation of the principle of least privilege, which helps minimize potential security risks by ensuring users only have access to the resources and functionalities necessary for their role. Tailored profiles can include customized permissions, which can be aligned with organizational policies or compliance requirements.

In contrast, changing a user password does not influence which functionalities are accessible—it merely alters the authentication method. Updating device settings directly is not typically associated with user role management and may affect broader configurations rather than individual permissions. Removing an admin's status would completely revoke their access, which can be useful in certain situations but is not a method for restricting access while still allowing some level of functionality.