ExamGecko
Search Search Login
Home Home / Fortinet / NSE5_FAZ-7.2

Fortinet NSE5_FAZ-7.2 Practice Test - Questions Answers, Page 3

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which SQL query is in the correct order to query the database in the FortiAnslyzer?
Which two statements are true regarding ADOM modes? (Choose two.)
What purposes does the auto-cache setting on reports serve? (Choose two.)
Why run the command diagnose sql status sqlplugind?
Which statement correctly describes the management extensions available on FortiAnalyzer?
An administrator fortinet, is able to view logs and perform device management tasks, such as adding and removing registered devices. However, administrator fortinet is not able to create a mall server that can be used to send email. What could be the problem?
What is the recommended method of expanding disk space on a FortiAnalyzer VM?
Logs are being deleted from one of your ADOMs earlier that the configured setting for archiving in your data policy. What is the most likely problem?
Which two statements are correct regarding the export and import of playbooks? (Choose two.)
Which two elements are contained in a system backup created on FortiAnalyzer? (Choose two.)

Question 21

Report
Export
Collapse

Which two methods are the most common methods to control and restrict administrative access on FortiAnalyzer? (Choose two.)

A.
Virtual domains
A.
Virtual domains
Answers
B.
Administrative access profiles
B.
Administrative access profiles
Answers
C.
Trusted hosts
C.
Trusted hosts
Answers
D.
Security Fabric
D.
Security Fabric
Answers
Suggested answer: B, C

Explanation:

Reference: https://docs2.fortinet.com/document/fortianalyzer/6.0.0/administrationguide/ 219292/administrator-profiles

https://docs2.fortinet.com/document/fortianalyzer/6.0.0/administration-guide/581222/trustedhosts

Question 22

Report
Export
Collapse

Which daemon is responsible for enforcing raw log file size?

A.
logfiled
A.
logfiled
Answers
B.
oftpd
B.
oftpd
Answers
C.
sqlplugind
C.
sqlplugind
Answers
D.
miglogd
D.
miglogd
Answers
Suggested answer: A

Question 23

Report
Export
Collapse

An administrator has configured the following settings:

config system global

set log-checksum md5-auth

end

What is the significance of executing this command?

A.
This command records the log file MD5 hash value.
A.
This command records the log file MD5 hash value.
Answers
B.
This command records passwords in log files and encrypts them.
B.
This command records passwords in log files and encrypts them.
Answers
C.
This command encrypts log transfer between FortiAnalyzer and other devices.
C.
This command encrypts log transfer between FortiAnalyzer and other devices.
Answers
D.
This command records the log file MD5 hash value and authentication code.
D.
This command records the log file MD5 hash value and authentication code.
Answers
Suggested answer: D

Explanation:

Reference: https://docs.fortinet.com/document/fortianalyzer/6.4.6/administrationguide/410387/appendix-b-log-integrity-and-secure-log-transfer

Question 24

Report
Export
Collapse

Which two of the following must you configure on FortiAnalyzer to email a FortiAnalyzer report externally?

(Choose two.)

A.
Mail server
A.
Mail server
Answers
B.
Output profile
B.
Output profile
Answers
C.
SFTP server
C.
SFTP server
Answers
D.
Report scheduling
D.
Report scheduling
Answers
Suggested answer: A, B

Explanation:

Reference: https://docs.fortinet.com/document/fortianalyzer/6.0.2/administrationguide/598322/creating-output-profiles

Question 25

Report
Export
Collapse

For which two purposes would you use the command set log checksum? (Choose two.)

A.
To help protect against man-in-the-middle attacks during log upload from FortiAnalyzer to an SFTP server
A.
To help protect against man-in-the-middle attacks during log upload from FortiAnalyzer to an SFTP server
Answers
B.
To prevent log modification or tampering
B.
To prevent log modification or tampering
Answers
C.
To encrypt log communications
C.
To encrypt log communications
Answers
D.
To send an identical set of logs to a second logging server
D.
To send an identical set of logs to a second logging server
Answers
Suggested answer: A, B

Explanation:

To prevent logs from being tampered with while in storage, you can add a log checksum using the config system global command. You can configure FortiAnalyzer to record a log file hash value, timestamp, and authentication code when the log is rolled and archived and when the log is uploaded (if that feature is enabled). This can also help against man-in-the-middle only for the transmission from FortiAnalyzer to an SSH File Transfer Protocol (SFTP) server during log upload.

FortiAnalyzer_7.0_Study_Guide-Online page 149

Question 26

Report
Export
Collapse

Refer to the exhibit.

What does the data point at 14:55 tell you?

A.
The received rate is almost at its maximum for this device
A.
The received rate is almost at its maximum for this device
Answers
B.
The sqlplugind daemon is behind in log indexing by two logs
B.
The sqlplugind daemon is behind in log indexing by two logs
Answers
C.
Logs are being dropped
C.
Logs are being dropped
Answers
D.
Raw logs are reaching FortiAnalyzer faster than they can be indexed
D.
Raw logs are reaching FortiAnalyzer faster than they can be indexed
Answers
Suggested answer: D

Question 27

Report
Export
Collapse

You are using RAID with a FortiAnalyzer that supports software RAID, and one of the hard disks on FortiAnalyzer has failed.

What is the recommended method to replace the disk?

A.
Shut down FortiAnalyzer and then replace the disk
A.
Shut down FortiAnalyzer and then replace the disk
Answers
B.
Downgrade your RAID level, replace the disk, and then upgrade your RAID level
B.
Downgrade your RAID level, replace the disk, and then upgrade your RAID level
Answers
C.
Clear all RAID alarms and replace the disk while FortiAnalyzer is still running
C.
Clear all RAID alarms and replace the disk while FortiAnalyzer is still running
Answers
D.
Perform a hot swap
D.
Perform a hot swap
Answers
Suggested answer: A

Explanation:

https://community.fortinet.com/t5/FortiAnalyzer/Technical-Note-How-to-swap-Hard-Disk-on-FortiAnalyzer/tap/194997?externalID=FD41397#:~:text=If%20a%20hard%20disk%20on,process%20known%20as%20hot%20swapping

Question 28

Report
Export
Collapse

On the RAID management page, the disk status is listed as Initializing.

What does the status Initializing indicate about what the FortiAnalyzer is currently doing?

A.
FortiAnalyzer is ensuring that the parity data of a redundant drive is valid
A.
FortiAnalyzer is ensuring that the parity data of a redundant drive is valid
Answers
B.
FortiAnalyzer is writing data to a newly added hard drive to restore it to an optimal state
B.
FortiAnalyzer is writing data to a newly added hard drive to restore it to an optimal state
Answers
C.
FortiAnalyzer is writing to all of its hard drives to make the array fault tolerant
C.
FortiAnalyzer is writing to all of its hard drives to make the array fault tolerant
Answers
D.
FortiAnalyzer is functioning normally
D.
FortiAnalyzer is functioning normally
Answers
Suggested answer: C

Explanation:

Reference: https://fortinetweb.s3.amazonaws.com/docs.fortinet.com/v2/attachments/4cb0dce6-dbef-11e9-8977-00505692583a/FortiAnalyzer-5.6.10-Administration-Guide.pdf (40)

Question 29

Report
Export
Collapse

In the FortiAnalyzer FortiView, source and destination IP addresses from FortiGate devices are not resolving to a hostname.

How can you resolve the source and destination IP addresses, without introducing any additional performance impact to FortiAnalyzer?

A.
Resolve IP addresses on a per-ADOM basis to reduce delay on FortiView while IPs resolve
A.
Resolve IP addresses on a per-ADOM basis to reduce delay on FortiView while IPs resolve
Answers
B.
Configure # set resolve-ip enable in the system FortiView settings
B.
Configure # set resolve-ip enable in the system FortiView settings
Answers
C.
Configure local DNS servers on FortiAnalyzer
C.
Configure local DNS servers on FortiAnalyzer
Answers
D.
Resolve IP addresses on FortiGate
D.
Resolve IP addresses on FortiGate
Answers
Suggested answer: D

Explanation:

https://packetplant.com/fortigate-and-fortianalyzer-resolve-source-and-destination-ip/

"As a best practice, it is recommended to resolve IPs on the FortiGate end. This is because you get both source and destination, and it offloads the work from FortiAnalyzer. On FortiAnalyzer, this IP resolution does destination IPs only"

Question 30

Report
Export
Collapse

You have recently grouped multiple FortiGate devices into a single ADOM. System Settings > Storage Info shows the quota used.

What does the disk quota refer to?

A.
The maximum disk utilization for each device in the ADOM
A.
The maximum disk utilization for each device in the ADOM
Answers
B.
The maximum disk utilization for the FortiAnalyzer model
B.
The maximum disk utilization for the FortiAnalyzer model
Answers
C.
The maximum disk utilization for the ADOM type
C.
The maximum disk utilization for the ADOM type
Answers
D.
The maximum disk utilization for all devices in the ADOM
D.
The maximum disk utilization for all devices in the ADOM
Answers
Suggested answer: D
Total 137 questions
Go to page: of 14
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms