Fortinet NSE5_FAZ-7.2 Practice Test - Questions Answers, Page 4

Why should you use an NTP server on FortiAnalyzer and all registered devices that log into FortiAnalyzer?

A. To properly correlate logs
B. To use real-time forwarding
C. To resolve host names
D. To improve DNS response times
Suggested answer: A

You need to upgrade your FortiAnalyzer firmware.

What happens to the logs being sent to FortiAnalyzer from FortiGate during the time FortiAnalyzer is temporarily unavailable?

A. FortiAnalyzer uses log fetching to retrieve the logs when back online
B. FortiGate uses the miglogd process to cache the logs
C. The logfiled process stores logs in offline mode
D. Logs are dropped
Suggested answer: B

After you have moved a registered logging device out of one ADOM and into a new ADOM, what is the purpose of running the following CLI command?

execute sql-local rebuild-adom <new-ADOM-name>

A. To reset the disk quota enforcement to default
B. To remove the analytics logs of the device from the old database
C. To migrate the archive logs to the new ADOM
D. To populate the new ADOM with analytical logs for the moved device, so you can run reports
Suggested answer: D

Explanation:

FortiAnalyzer_7.0_Study_Guide-Online.pdf page 128: Are the device analytics logs required for reports in the new ADOM? If so, rebuild the new ADOM database

If a hard disk fails on a FortiAnalyzer that supports software RAID, what should you do to bring the FortiAnalyzer back to functioning normally, without losing data?

A. Hot swap the disk
B. Replace the disk and rebuild the RAID manually
C. Take no action if the RAID level supports a failed disk
D. Shut down FortiAnalyzer and replace the disk
Suggested answer: D

Explanation:

https://kb.fortinet.com/kb/documentLink.do?externalID=FD46446#:~:text=On%20FortiAnalyzer%2FFortiManager%20devices%20that,to%20exchanging%20the%20hard%20disk.

If a hard disk on a FortiAnalyzer unit fails, it must be replaced. On FortiAnalyzer devices that support hardware RAID, the hard disk can be replaced while the unit is still running, a process known as hot swapping.

On FortiAnalyzer units with software RAID, the device must be shut down prior to exchanging the hard disk.

Reference: https://community.fortinet.com/t5/FortiAnalyzer/Technical-Note-How-to-swap-Hard-Disk-on-FortiAnalyzer/tap/194997?externalID=FD41397#:~:text=If%20a%20hard%20disk%20on,process%20known%20as%20hot%20swapping

If you upgrade the FortiAnalyzer firmware, which report element can be affected?

A. Custom datasets
B. Report scheduling
C. Report settings
D. Output profiles
Suggested answer: A

Explanation:

https://docs.fortinet.com/document/fortianalyzer/6.2.5/upgrade-guide/669300/checking-reports

FortiAnalyzer reports are dropping analytical data from 15 days ago, even though the data policy setting for analytics logs is 60 days.

What is the most likely problem?

A. Quota enforcement is acting on analytical data before a report is complete
B. Logs are rolling before the report is run
C. CPU resources are too high
D. Disk utilization for archive logs is set for 15 days
Suggested answer: B

Explanation:

Reference: https://forum.fortinet.com/tm.aspx?m=138806

Which log type does the FortiAnalyzer indicators of compromise feature use to identify infected hosts?

A. Antivirus logs
B. Web filter logs
C. IPS logs
D. Application control logs
Suggested answer: B

Explanation:

Reference: https://help.fortinet.com/fa/faz50hlp/60/6-0-2/Content/FortiAnalyzer_Admin_Guide/3600_FortiView/0200_Using_FortiView/1200_Compromised_hosts_page.htm?TocPath=FortiView%7CUsing%20FortiView%7C_____6

Which two settings must you configure on FortiAnalyzer to allow non-local administrators to authenticate to FortiAnalyzer with any user account in a single LDAP group? (Choose two.)

A. A local wildcard administrator account
B. A remote LDAP server
C. A trusted host profile that restricts access to the LDAP group
D. An administrator group
Suggested answer: A, B

Explanation:

Reference: https://kb.fortinet.com/kb/documentLink.do?externalID=FD38567

When you perform a system backup, what does the backup configuration contain? (Choose two.)

A. Generated reports
B. Device list
C. Authorized devices logs
D. System information
Suggested answer: B, D

Explanation:

https://help.fortinet.com/fa/cli-olh/5-6-5/Content/Document/1400_execute/backup.htm

Reference: https://help.fortinet.com/fauth/5-2/Content/Admin%20Guides/5_2%20Admin%20Guide/300/301_Dashboard.htm

Which clause is considered mandatory in SELECT statements used by the FortiAnalyzer to generate reports?

A. FROM
B. LIMIT
C. WHERE
D. ORDER BY
Suggested answer: A

Explanation:

Reference: https://kb.fortinet.com/kb/documentLink.do?externalID=FD48500

Total 137 questions