ExamGecko
Login
Home / Fortinet / NSE5_FAZ-7.2 / List of questions
Ask Question

Fortinet NSE5_FAZ-7.2 Practice Test - Questions Answers, Page 8

Add to Whishlist

List of questions

Question 71

Report Export Collapse

Refer to the exhibit.

Fortinet NSE5_FAZ-7.2 image Question 71 26358 09182024190052000000

The exhibit shows "remoteservergroup" is an authentication server group with LDAP and RADIUS servers.

Which two statements express the significance of enabling "Match all users on remote server" when configuring a new administrator? (Choose two.)

It creates a wildcard administrator using LDAP and RADIUS servers.
It creates a wildcard administrator using LDAP and RADIUS servers.
Administrator can log in to FortiAnalyzer using their credentials on remote servers LDAP and RADIUS.
Administrator can log in to FortiAnalyzer using their credentials on remote servers LDAP and RADIUS.
Use remoteadmin from LDAP and RADIUS servers will be able to log in to FortiAnalyzer at anytime.
Use remoteadmin from LDAP and RADIUS servers will be able to log in to FortiAnalyzer at anytime.
It allows administrators to use two-factor authentication.
It allows administrators to use two-factor authentication.
Suggested answer: A, B
Explanation:

Reference: https://docs.fortinet.com/document/fortimanager/7.0.1/administrationguide/858351/creating-administrators

asked 18/09/2024
Mathias Gontek
46 questions

Question 72

Report Export Collapse

A rogue administrator was accessing FortiAnalyzer without permission, and you are tasked to see what activity was performed by that rogue administrator on FortiAnalyzer.

What can you do on FortiAnalyzer to accomplish this?

Click FortiView and generate a report for that administrator.
Click FortiView and generate a report for that administrator.
Click Task Monitor and view the tasks performed by that administrator.
Click Task Monitor and view the tasks performed by that administrator.
Click Log View and generate a report for that administrator.
Click Log View and generate a report for that administrator.
View the tasks performed by the rogue administrator in Fabric View.
View the tasks performed by the rogue administrator in Fabric View.
Suggested answer: B
Explanation:

Reference: https://docs.fortinet.com/document/fortimanager/6.4.1/administrationguide/792943/task-monitor

FortiAnalyzer_7.0_Study_Guide-Online.pdf page 54: View the tasks FortiAnalyzer administrators have performed, including progress and status.

asked 18/09/2024
ME BOX
34 questions

Question 73

Report Export Collapse

The admin administrator is failing to register a FortiClient EMS on the FortiAnalyzer device.

What can be the reason for this failure?

FortiAnalyzer is in an HA cluster.
FortiAnalyzer is in an HA cluster.
ADOM mode should be set to advanced, in order to register the FortiClient EMS device.
ADOM mode should be set to advanced, in order to register the FortiClient EMS device.
ADOMs are not enabled on FortiAnalyzer.
ADOMs are not enabled on FortiAnalyzer.
A separate license is required on FortiAnalyzer in order to register the FortiClient EMS device.
A separate license is required on FortiAnalyzer in order to register the FortiClient EMS device.
Suggested answer: C
Explanation:

Reference: https://help.fortinet.com/fa/faz50hlp/56/5-6-2/FMGFAZ/0800_ADOMs/0015_FortiClient%20and%20ADOMs.htm

asked 18/09/2024
MARIO CRUZ
44 questions

Question 74

Report Export Collapse

Refer to the exhibit.

Fortinet NSE5_FAZ-7.2 image Question 74 26361 09182024190052000000

Which two statements are true regarding enabling auto-cache on FortiAnalyzer? (Choose two.)

Report size will be optimized to conserve disk space on FortiAnalyzer.
Report size will be optimized to conserve disk space on FortiAnalyzer.
Reports will be cached in the memory.
Reports will be cached in the memory.
This feature is automatically enabled for scheduled reports.
This feature is automatically enabled for scheduled reports.
Enabling auto-cache reduces report generation time for reports that require a long time to assemble datasets.
Enabling auto-cache reduces report generation time for reports that require a long time to assemble datasets.
Suggested answer: C, D
Explanation:

"Enable auto-cache in the report settings to boost the reporting performance and reduce report generation time. Scheduled reports have auto-cache enabled already."

FortiAnalyzer_7.0_Study_Guide-Online page 306

asked 18/09/2024
Kristina Stojanovska
47 questions

Question 75

Report Export Collapse

Which two statements are true regarding high availability (HA) on FortiAnalyzer? (Choose two.)

FortiAnalyzer HA can function without VRRP. and VRRP is required only if you have more than two FortiAnalyzer devices in a cluster.
FortiAnalyzer HA can function without VRRP. and VRRP is required only if you have more than two FortiAnalyzer devices in a cluster.
FortiAnalyzer HA supports synchronization of logs as well as some system and configuration settings.
FortiAnalyzer HA supports synchronization of logs as well as some system and configuration settings.
All devices in a FortiAnalyzer HA cluster must run in the same operation mode: analyzer or collector.
All devices in a FortiAnalyzer HA cluster must run in the same operation mode: analyzer or collector.
FortiAnalyzer HA implementation is supported by many public cloud infrastructures such as AWS, Microsoft Azure, and Google Cloud.
FortiAnalyzer HA implementation is supported by many public cloud infrastructures such as AWS, Microsoft Azure, and Google Cloud.
Suggested answer: B, C
Explanation:

Reference: https://help.fortinet.com/fa/faz50hlp/60/6-0-2/Content/FMGFAZ/4600_HA/0000_HA.htm?TocPath=High%20Availability%7C_____0

FortiAnalyzer HA implementation works only in networks where Virtual Router Redundancy Protocol (VRRP) is permitted. Therefore it may not be supported by some public cloud infrastructures.

asked 18/09/2024
First Last
38 questions

Question 76

Report Export Collapse

An administrator has moved FortiGate A from the root ADOM to ADOM1.

Which two statements are true regarding logs? (Choose two.)

Analytics logs will be moved to ADOM1 from the root ADOM automatically.
Analytics logs will be moved to ADOM1 from the root ADOM automatically.
Archived logs will be moved to ADOM1 from the root ADOM automatically.
Archived logs will be moved to ADOM1 from the root ADOM automatically.
Logs will be presented in both ADOMs immediately after the move.
Logs will be presented in both ADOMs immediately after the move.
Analytics logs will be moved to ADOM1 from the root ADOM after you rebuild the ADOM1 SQL database.
Analytics logs will be moved to ADOM1 from the root ADOM after you rebuild the ADOM1 SQL database.
Suggested answer: B, D
Explanation:

Reference: https://community.fortinet.com/t5/Fortinet-Forum/FW-Migration-between-ADOMs/mp/32683?m=158008

asked 18/09/2024
David Kimovec
42 questions

Question 77

Report Export Collapse

Which two actions should an administrator take to view Compromised Hosts on FortiAnalyzer?

(Choose two.)

Enable web filtering in firewall policies on FortiGate devices, and make sure these logs are sent to FortiAnalyzer.
Enable web filtering in firewall policies on FortiGate devices, and make sure these logs are sent to FortiAnalyzer.
Make sure all endpoints are reachable by FortiAnalyzer.
Make sure all endpoints are reachable by FortiAnalyzer.
Enable device detection on an interface on the FortiGate devices that are connected to the FortiAnalyzer device.
Enable device detection on an interface on the FortiGate devices that are connected to the FortiAnalyzer device.
Subscribe FortiAnalyzer to FortiGuard to keep its local threat database up to date.
Subscribe FortiAnalyzer to FortiGuard to keep its local threat database up to date.
Suggested answer: A, D
Explanation:

In order to configure IOC, you require the following:

β€’ A one-year subscription to IOC. Note that FortiAnalyzer does include an evaluation license, but it is restrictive and only meant to give you an idea of how the feature works.

β€’ A web filter services subscription on FortiGate device(s)

β€’ Web filter policies on FortiGate device(s) that send traffic to FortiAnalyzer Compromised Hosts or Indicators of Compromise service (IOC) is a licensed feature.

To view Compromised Hosts, you must turn on the UTM web filter of FortiGate devices and subscribe your FortiAnalyzer unit to FortiGuard to keep its local threat database synchronized with the

FortiGuard threat database. See Subscribing FortiAnalyzer to FortiGuard.

Ref : https://docs.fortinet.com/document/fortianalyzer/6.4.0/administration-guide/137635/viewingcompromised-hosts

asked 18/09/2024
Rajesh Maharajan
41 questions

Question 78

Report Export Collapse

In Log View, you can use the Chart Builder feature to build a dataset and chart based on the filtered search results.

Similarly, which feature you can use for FortiView?

Export to Report Chart
Export to Report Chart
Export to PDF
Export to PDF
Export to Chart Builder
Export to Chart Builder
Export to Custom Chart
Export to Custom Chart
Suggested answer: A
Explanation:

Reference: https://community.fortinet.com/t5/FortiAnalyzer/Creating-a-Custom-report-from-FortiView-Export-to-Report-Chart/ta-p/190154?externalID=FD40483

Similar to the Chart Builder feature in Log View, you can export a chart from a FortiView. The chart export includes any filters you set on the FortiView. FortiAnalyzer_7.0_Study_Guide-Online pag. 292.

asked 18/09/2024
cesar ganguie
48 questions

Question 79

Report Export Collapse

What can you do on FortiAnalyzer to restrict administrative access from specific locations?

Configure trusted hosts for that administrator.
Configure trusted hosts for that administrator.
Enable geo-location services on accessible interface.
Enable geo-location services on accessible interface.
Configure two-factor authentication with a remote RADIUS server.
Configure two-factor authentication with a remote RADIUS server.
Configure an ADOM for respective location.
Configure an ADOM for respective location.
Suggested answer: A
Explanation:

Reference: https://docs.fortinet.com/document/fortigate/6.2.0/hardening-yourfortigate/582009/system-administrator-best-practices

asked 18/09/2024
Simon Liu
40 questions

Question 80

Report Export Collapse

An administrator fortinet, is able to view logs and perform device management tasks, such as adding and removing registered devices. However, administrator fortinet is not able to create a mall server that can be used to send email.

What could be the problem?

Fortinet is assigned the Standard_ User administrator profile.
Fortinet is assigned the Standard_ User administrator profile.
A trusted host is configured.
A trusted host is configured.
ADOM mode is configured with Advanced mode.
ADOM mode is configured with Advanced mode.
Fortinet is assigned the Restricted_ User administrator profile.
Fortinet is assigned the Restricted_ User administrator profile.
Suggested answer: A
Explanation:

β€’ Super_User, which, like in FortiGate, provides access to all device and system privileges.

β€’ Standard_User, which provides read and write access to device privileges, but not system privileges.

β€’ Restricted_User, which provides read access only to device privileges, but not system privileges.

Access to the Management extensions is also removed.

β€’ No_Permissions_User, which provides no system or device privileges. Can be used, for example, to temporarily remove access granted to existing admins.

FortiAnalyzer_7.0_Study_Guide-Online page 42

asked 18/09/2024
lawrence Ajibolade
53 questions
Total 137 questions
Go to page: of 14
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Logs are being deleted from one of your ADOMs earlier that the configured setting for archiving in your data policy. What is the most likely problem?
On FortiAnalyzer, what is a wildcard administrator account?
Which SQL query is in the correct order to query the database in the FortiAnslyzer?
Which statement correctly describes the management extensions available on FortiAnalyzer?
What purposes does the auto-cache setting on reports serve? (Choose two.)
An administrator fortinet, is able to view logs and perform device management tasks, such as adding and removing registered devices. However, administrator fortinet is not able to create a mall server that can be used to send email. What could be the problem?
Which two statements are true regarding ADOM modes? (Choose two.)
Which two statements are correct regarding the export and import of playbooks? (Choose two.)
Why run the command diagnose sql status sqlplugind?
What is the recommended method of expanding disk space on a FortiAnalyzer VM?