Fortinet NSE5_FAZ-7.2 Practice Test - Questions Answers, Page 14
Question list
List of questions
Related questions
Which daemon is responsible for enforcing the log file size?
A.
sqlplugind
B.
logfiled
C.
miglogd
D.
ofrpd
Refer to the exhibit.
Which statement is correct regarding the event displayed?
A.
The security risk was blocked or dropped.
B.
The security event risk is considered open.
C.
An incident was created from this event.
D.
The risk source is isolated.
What is required to authorize a FortiGate on FortiAnalyzer using Fabric authorization?
A.
A FortiGate ADOM
B.
The FortiGate serial number
C.
A pre-shared key
D.
Valid FortiAnalyzer credentials
Refer to the exhibit.
Which image corresponds to the packet capture shown in the exhibit?
A)
B)
C)
D)
A.
Option A
B.
Option B
C.
Option C
D.
Option D
What are two benefits of using fabric connectors? (Choose two.)
A.
They allow FortiAnalyzer to send logs in real-time to public cloud accounts.
B.
You do not need an additional license to send logs to the cloud platform.
C.
Fabric connectors allow you to improve redundancy.
D.
Using fabric connectors is more efficient than using third-party polling with API.
Which log will generate an event with the status Contained?
A.
An IPS log with action=pass.
B.
A WebFilter log with action=dropped.
C.
An AV log with action=quarantine.
D.
An AppControl log with action=blocked.
Refer to the exhibit.
Laptop1 is used by several administrators to manage FortiAnalyzer. You want to configure a generic text filter that matches all login attempts to the web interface generated by any user other than "admin", and coming from Laptop1.
Which filter will achieve the desired result?
A.
operation-login & dstip==10.1.1.210 & user!-admin
B.
operation-login & srcip==10.1.1.100 & dstip==10.1.1.210 & user==admin
C.
operation-login & performed_on=="GUI(10.1.1.210)" & user!=admin
D.
operation-login & performed_on=="GUI(10.1.1.100)" & user!=admin
Question