ExamGecko

Fortinet NSE5_FAZ-7.2 Practice Test - Questions Answers, Page 12


What statements are true regarding FortiAnalyzer's treatment of high availability (HA) clusters?

(Choose two)

A. FortiAnalyzer distinguishes different devices by their serial number.
B. FortiAnalyzer receives logs from all devices in a cluster.
C. FortiAnalyzer receives logs only from the primary device in the cluster.
D. FortiAnalyzer only needs to know the serial number of the primary device in the cluster; it automatically discovers the other devices.
Suggested answer: A, B

How can you attach a report to an incident?

A. By attaching it to an event handler alert
B. By editing the settings of the desired report
C. From the properties of an existing incident
D. Saving it in JSON format, and then importing it
Suggested answer: C

Which item must you configure on FortiAnalyzer to email generated reports automatically?

A. Output profile
B. Report scheduling
C. SFTP server
D. SNMP server
Suggested answer: A

Which statement about the FortiSOAR management extension is correct?

A. It requires a FortiManager configured to manage FortiGate
B. It requires a dedicated FortiSOAR device or VM.
C. It does not include a limited trial by default.
D. It runs as a docker container on FortiAnalyzer
Suggested answer: D

After generating a report, you notice the information you were expecting to see is not included in it.

What are two possible reasons for this scenario? (Choose two.)

A. You enabled auto-cache with extended log filtering.
B. The logfiled service has not indexed all the expected logs.
C. The logs were overwritten by the data retention policy.
D. The time frame selected in the report is wrong.
Suggested answer: B, C

What is the purpose of using prefilters when configuring event handlers?

A. They limit which logs are checked for matches by the other filters.
B. They can filter the logs before they are processed by FortiAnalyzer
C. They download new filters to be used in event handlers.
D. They are common filters applied simultaneously to all event handlers.
Suggested answer: A

Which statement describes a dataset in FortiAnalyzer?

A. They determine what data is retrieved from the database.
B. They provide the layout used for reports.
C. They are used to set the data included in templates.
D. They define the chart types to be used in reports.
Suggested answer: A

A playbook contains five tasks in total. An administrator runs the playbook and four out of five tasks finish successfully, but one task fails. What will be the status of the playbook after it is run?

A. Running
B. Failed
C. Upstream_failed
D. Success
Suggested answer: B

What is the purpose of trigger variables?

A. To display statistics about the playbook runtime
B. To use information from the trigger to filter the action in a task
C. To provide the trigger information to make the playbook start running
D. To store the start times of playbooks with On_Schedule triggers
Suggested answer: B

Which statement about sending notifications with incident updates is true?

A. Notifications can be sent only when an incident is created or deleted.
B. You must configure an output profile to send notifications by email.
C. Each incident can send notifications to a single external platform.
D. Each connector used can have different notification settings.
Suggested answer: D
Total 137 questions