
Fortinet NSE5_FAZ-7.2 Practice Test - Questions Answers, Page 8


Refer to the exhibit.

The exhibit shows "remoteservergroup" is an authentication server group with LDAP and RADIUS servers.

Which two statements express the significance of enabling "Match all users on remote server" when configuring a new administrator? (Choose two.)

A. It creates a wildcard administrator using LDAP and RADIUS servers.
B. Administrator can log in to FortiAnalyzer using their credentials on remote servers LDAP and RADIUS.
C. User remoteadmin from LDAP and RADIUS servers will be able to log in to FortiAnalyzer at any time.
D. It allows administrators to use two-factor authentication.
Suggested answer: A, B

Explanation:

Reference: https://docs.fortinet.com/document/fortimanager/7.0.1/administrationguide/858351/creating-administrators

A rogue administrator was accessing FortiAnalyzer without permission, and you are tasked to see what activity was performed by that rogue administrator on FortiAnalyzer.

What can you do on FortiAnalyzer to accomplish this?

A. Click FortiView and generate a report for that administrator.
B. Click Task Monitor and view the tasks performed by that administrator.
C. Click Log View and generate a report for that administrator.
D. View the tasks performed by the rogue administrator in Fabric View.
Suggested answer: B

Explanation:

Reference: https://docs.fortinet.com/document/fortimanager/6.4.1/administrationguide/792943/task-monitor

FortiAnalyzer_7.0_Study_Guide-Online.pdf page 54: View the tasks FortiAnalyzer administrators have performed, including progress and status.

The admin administrator is failing to register a FortiClient EMS on the FortiAnalyzer device.

What can be the reason for this failure?

A. FortiAnalyzer is in an HA cluster.
B. ADOM mode should be set to advanced, in order to register the FortiClient EMS device.
C. ADOMs are not enabled on FortiAnalyzer.
D. A separate license is required on FortiAnalyzer in order to register the FortiClient EMS device.
Suggested answer: C

Explanation:

Reference: https://help.fortinet.com/fa/faz50hlp/56/5-6-2/FMGFAZ/0800_ADOMs/0015_FortiClient%20and%20ADOMs.htm

Refer to the exhibit.

Which two statements are true regarding enabling auto-cache on FortiAnalyzer? (Choose two.)

A. Report size will be optimized to conserve disk space on FortiAnalyzer.
B. Reports will be cached in the memory.
C. This feature is automatically enabled for scheduled reports.
D. Enabling auto-cache reduces report generation time for reports that require a long time to assemble datasets.
Suggested answer: C, D

Explanation:

"Enable auto-cache in the report settings to boost the reporting performance and reduce report generation time. Scheduled reports have auto-cache enabled already."

FortiAnalyzer_7.0_Study_Guide-Online page 306

Which two statements are true regarding high availability (HA) on FortiAnalyzer? (Choose two.)

A. FortiAnalyzer HA can function without VRRP, and VRRP is required only if you have more than two FortiAnalyzer devices in a cluster.
B. FortiAnalyzer HA supports synchronization of logs as well as some system and configuration settings.
C. All devices in a FortiAnalyzer HA cluster must run in the same operation mode: analyzer or collector.
D. FortiAnalyzer HA implementation is supported by many public cloud infrastructures such as AWS, Microsoft Azure, and Google Cloud.
Suggested answer: B, C

Explanation:

Reference: https://help.fortinet.com/fa/faz50hlp/60/6-0-2/Content/FMGFAZ/4600_HA/0000_HA.htm?TocPath=High%20Availability%7C_____0

FortiAnalyzer HA implementation works only in networks where Virtual Router Redundancy Protocol (VRRP) is permitted. Therefore it may not be supported by some public cloud infrastructures.

An administrator has moved FortiGate A from the root ADOM to ADOM1.

Which two statements are true regarding logs? (Choose two.)

A. Analytics logs will be moved to ADOM1 from the root ADOM automatically.
B. Archived logs will be moved to ADOM1 from the root ADOM automatically.
C. Logs will be presented in both ADOMs immediately after the move.
D. Analytics logs will be moved to ADOM1 from the root ADOM after you rebuild the ADOM1 SQL database.
Suggested answer: B, D

Explanation:

Reference: https://community.fortinet.com/t5/Fortinet-Forum/FW-Migration-between-ADOMs/mp/32683?m=158008

Which two actions should an administrator take to view Compromised Hosts on FortiAnalyzer? (Choose two.)

A. Enable web filtering in firewall policies on FortiGate devices, and make sure these logs are sent to FortiAnalyzer.
B. Make sure all endpoints are reachable by FortiAnalyzer.
C. Enable device detection on an interface on the FortiGate devices that are connected to the FortiAnalyzer device.
D. Subscribe FortiAnalyzer to FortiGuard to keep its local threat database up to date.
Suggested answer: A, D

Explanation:

In order to configure IOC, you require the following:

• A one-year subscription to IOC. Note that FortiAnalyzer does include an evaluation license, but it is restrictive and only meant to give you an idea of how the feature works.

• A web filter services subscription on FortiGate device(s)

• Web filter policies on FortiGate device(s) that send traffic to FortiAnalyzer

Compromised Hosts or Indicators of Compromise service (IOC) is a licensed feature.

To view Compromised Hosts, you must turn on the UTM web filter of FortiGate devices and subscribe your FortiAnalyzer unit to FortiGuard to keep its local threat database synchronized with the FortiGuard threat database. See Subscribing FortiAnalyzer to FortiGuard.

Ref : https://docs.fortinet.com/document/fortianalyzer/6.4.0/administration-guide/137635/viewingcompromised-hosts

In Log View, you can use the Chart Builder feature to build a dataset and chart based on the filtered search results.

Similarly, which feature can you use for FortiView?

A. Export to Report Chart
B. Export to PDF
C. Export to Chart Builder
D. Export to Custom Chart
Suggested answer: A

Explanation:

Reference: https://community.fortinet.com/t5/FortiAnalyzer/Creating-a-Custom-report-from-FortiView-Export-to-Report-Chart/ta-p/190154?externalID=FD40483

Similar to the Chart Builder feature in Log View, you can export a chart from a FortiView. The chart export includes any filters you set on the FortiView. FortiAnalyzer_7.0_Study_Guide-Online page 292.

What can you do on FortiAnalyzer to restrict administrative access from specific locations?

A. Configure trusted hosts for that administrator.
B. Enable geo-location services on accessible interface.
C. Configure two-factor authentication with a remote RADIUS server.
D. Configure an ADOM for respective location.
Suggested answer: A

Explanation:

Reference: https://docs.fortinet.com/document/fortigate/6.2.0/hardening-yourfortigate/582009/system-administrator-best-practices

An administrator, fortinet, is able to view logs and perform device management tasks, such as adding and removing registered devices. However, administrator fortinet is not able to create a mail server that can be used to send email.

What could be the problem?

A. Fortinet is assigned the Standard_User administrator profile.
B. A trusted host is configured.
C. ADOM mode is configured with Advanced mode.
D. Fortinet is assigned the Restricted_User administrator profile.
Suggested answer: A

Explanation:

• Super_User, which, like in FortiGate, provides access to all device and system privileges.

• Standard_User, which provides read and write access to device privileges, but not system privileges.

• Restricted_User, which provides read access only to device privileges, but not system privileges. Access to the Management extensions is also removed.

• No_Permissions_User, which provides no system or device privileges. Can be used, for example, to temporarily remove access granted to existing admins.

FortiAnalyzer_7.0_Study_Guide-Online page 42

Total 137 questions