ExamGecko
Login
Home / Fortinet / NSE5_FAZ-7.2 / List of questions
Ask Question

Fortinet NSE5_FAZ-7.2 Practice Test - Questions Answers, Page 3

Add to Whishlist

List of questions

Question 21

Report Export Collapse

Which two methods are the most common methods to control and restrict administrative access on FortiAnalyzer? (Choose two.)

Virtual domains
Virtual domains
Administrative access profiles
Administrative access profiles
Trusted hosts
Trusted hosts
Security Fabric
Security Fabric
Suggested answer: B, C
Explanation:

Reference: https://docs2.fortinet.com/document/fortianalyzer/6.0.0/administrationguide/ 219292/administrator-profiles

https://docs2.fortinet.com/document/fortianalyzer/6.0.0/administration-guide/581222/trustedhosts

asked 18/09/2024
Sebastian van de Zweerde
50 questions

Question 22

Report Export Collapse

Which daemon is responsible for enforcing raw log file size?

logfiled
logfiled
oftpd
oftpd
sqlplugind
sqlplugind
miglogd
miglogd
Suggested answer: A
asked 18/09/2024
Dominique Dusabe
48 questions

Question 23

Report Export Collapse

An administrator has configured the following settings:

config system global

set log-checksum md5-auth

end

What is the significance of executing this command?

This command records the log file MD5 hash value.
This command records the log file MD5 hash value.
This command records passwords in log files and encrypts them.
This command records passwords in log files and encrypts them.
This command encrypts log transfer between FortiAnalyzer and other devices.
This command encrypts log transfer between FortiAnalyzer and other devices.
This command records the log file MD5 hash value and authentication code.
This command records the log file MD5 hash value and authentication code.
Suggested answer: D
Explanation:

Reference: https://docs.fortinet.com/document/fortianalyzer/6.4.6/administrationguide/410387/appendix-b-log-integrity-and-secure-log-transfer

asked 18/09/2024
Janko Schutte
35 questions

Question 24

Report Export Collapse

Which two of the following must you configure on FortiAnalyzer to email a FortiAnalyzer report externally?

(Choose two.)

Mail server
Mail server
Output profile
Output profile
SFTP server
SFTP server
Report scheduling
Report scheduling
Suggested answer: A, B
Explanation:

Reference: https://docs.fortinet.com/document/fortianalyzer/6.0.2/administrationguide/598322/creating-output-profiles

asked 18/09/2024
Oscar Ballabriga
37 questions

Question 25

Report Export Collapse

For which two purposes would you use the command set log checksum? (Choose two.)

To help protect against man-in-the-middle attacks during log upload from FortiAnalyzer to an SFTP server
To help protect against man-in-the-middle attacks during log upload from FortiAnalyzer to an SFTP server
To prevent log modification or tampering
To prevent log modification or tampering
To encrypt log communications
To encrypt log communications
To send an identical set of logs to a second logging server
To send an identical set of logs to a second logging server
Suggested answer: A, B
Explanation:

To prevent logs from being tampered with while in storage, you can add a log checksum using the config system global command. You can configure FortiAnalyzer to record a log file hash value, timestamp, and authentication code when the log is rolled and archived and when the log is uploaded (if that feature is enabled). This can also help against man-in-the-middle only for the transmission from FortiAnalyzer to an SSH File Transfer Protocol (SFTP) server during log upload.

FortiAnalyzer_7.0_Study_Guide-Online page 149

asked 18/09/2024
bijay ghimire
43 questions

Question 26

Report Export Collapse

Refer to the exhibit.

Fortinet NSE5_FAZ-7.2 image Question 26 26313 09182024190052000000

What does the data point at 14:55 tell you?

The received rate is almost at its maximum for this device
The received rate is almost at its maximum for this device
The sqlplugind daemon is behind in log indexing by two logs
The sqlplugind daemon is behind in log indexing by two logs
Logs are being dropped
Logs are being dropped
Raw logs are reaching FortiAnalyzer faster than they can be indexed
Raw logs are reaching FortiAnalyzer faster than they can be indexed
Suggested answer: D
asked 18/09/2024
Penny Chang
51 questions

Question 27

Report Export Collapse

You are using RAID with a FortiAnalyzer that supports software RAID, and one of the hard disks on FortiAnalyzer has failed.

What is the recommended method to replace the disk?

Shut down FortiAnalyzer and then replace the disk
Shut down FortiAnalyzer and then replace the disk
Downgrade your RAID level, replace the disk, and then upgrade your RAID level
Downgrade your RAID level, replace the disk, and then upgrade your RAID level
Clear all RAID alarms and replace the disk while FortiAnalyzer is still running
Clear all RAID alarms and replace the disk while FortiAnalyzer is still running
Perform a hot swap
Perform a hot swap
Suggested answer: A
Explanation:

Fortinet NSE5_FAZ-7.2 image Question 27 explanation 26314 09182024190052000000

https://community.fortinet.com/t5/FortiAnalyzer/Technical-Note-How-to-swap-Hard-Disk-on-FortiAnalyzer/tap/194997?externalID=FD41397#:~:text=If%20a%20hard%20disk%20on,process%20known%20as%20hot%20swapping

asked 18/09/2024
Jose Gonzalez
48 questions

Question 28

Report Export Collapse

On the RAID management page, the disk status is listed as Initializing.

What does the status Initializing indicate about what the FortiAnalyzer is currently doing?

FortiAnalyzer is ensuring that the parity data of a redundant drive is valid
FortiAnalyzer is ensuring that the parity data of a redundant drive is valid
FortiAnalyzer is writing data to a newly added hard drive to restore it to an optimal state
FortiAnalyzer is writing data to a newly added hard drive to restore it to an optimal state
FortiAnalyzer is writing to all of its hard drives to make the array fault tolerant
FortiAnalyzer is writing to all of its hard drives to make the array fault tolerant
FortiAnalyzer is functioning normally
FortiAnalyzer is functioning normally
Suggested answer: C
Explanation:

Reference: https://fortinetweb.s3.amazonaws.com/docs.fortinet.com/v2/attachments/4cb0dce6-dbef-11e9-8977-00505692583a/FortiAnalyzer-5.6.10-Administration-Guide.pdf (40)

asked 18/09/2024
Bart Sandifort
41 questions

Question 29

Report Export Collapse

In the FortiAnalyzer FortiView, source and destination IP addresses from FortiGate devices are not resolving to a hostname.

How can you resolve the source and destination IP addresses, without introducing any additional performance impact to FortiAnalyzer?

Resolve IP addresses on a per-ADOM basis to reduce delay on FortiView while IPs resolve
Resolve IP addresses on a per-ADOM basis to reduce delay on FortiView while IPs resolve
Configure # set resolve-ip enable in the system FortiView settings
Configure # set resolve-ip enable in the system FortiView settings
Configure local DNS servers on FortiAnalyzer
Configure local DNS servers on FortiAnalyzer
Resolve IP addresses on FortiGate
Resolve IP addresses on FortiGate
Suggested answer: D
Explanation:

https://packetplant.com/fortigate-and-fortianalyzer-resolve-source-and-destination-ip/

"As a best practice, it is recommended to resolve IPs on the FortiGate end. This is because you get both source and destination, and it offloads the work from FortiAnalyzer. On FortiAnalyzer, this IP resolution does destination IPs only"

asked 18/09/2024
Gilbert Ciepluch
60 questions

Question 30

Report Export Collapse

You have recently grouped multiple FortiGate devices into a single ADOM. System Settings > Storage Info shows the quota used.

What does the disk quota refer to?

The maximum disk utilization for each device in the ADOM
The maximum disk utilization for each device in the ADOM
The maximum disk utilization for the FortiAnalyzer model
The maximum disk utilization for the FortiAnalyzer model
The maximum disk utilization for the ADOM type
The maximum disk utilization for the ADOM type
The maximum disk utilization for all devices in the ADOM
The maximum disk utilization for all devices in the ADOM
Suggested answer: D
asked 18/09/2024
sangilipandy Arumugam
27 questions
Total 137 questions
Go to page: of 14
Open VPLUS File
Convert VPLUS to PDF

Related questions

Logs are being deleted from one of your ADOMs earlier that the configured setting for archiving in your data policy. What is the most likely problem?
On FortiAnalyzer, what is a wildcard administrator account?
Which SQL query is in the correct order to query the database in the FortiAnslyzer?
Which statement correctly describes the management extensions available on FortiAnalyzer?
What purposes does the auto-cache setting on reports serve? (Choose two.)
An administrator fortinet, is able to view logs and perform device management tasks, such as adding and removing registered devices. However, administrator fortinet is not able to create a mall server that can be used to send email. What could be the problem?
Which two statements are true regarding ADOM modes? (Choose two.)
Which two statements are correct regarding the export and import of playbooks? (Choose two.)
Why run the command diagnose sql status sqlplugind?
What is the recommended method of expanding disk space on a FortiAnalyzer VM?