Fortinet NSE5_FAZ-7.2 Practice Test - Questions Answers, Page 8

List of questions
Question 71

Refer to the exhibit.
The exhibit shows "remoteservergroup" is an authentication server group with LDAP and RADIUS servers.
Which two statements express the significance of enabling "Match all users on remote server" when configuring a new administrator? (Choose two.)
Reference: https://docs.fortinet.com/document/fortimanager/7.0.1/administrationguide/858351/creating-administrators
Question 72

A rogue administrator was accessing FortiAnalyzer without permission, and you are tasked to see what activity was performed by that rogue administrator on FortiAnalyzer.
What can you do on FortiAnalyzer to accomplish this?
Reference: https://docs.fortinet.com/document/fortimanager/6.4.1/administrationguide/792943/task-monitor
FortiAnalyzer_7.0_Study_Guide-Online.pdf page 54: View the tasks FortiAnalyzer administrators have performed, including progress and status.
Question 73

The admin administrator is failing to register a FortiClient EMS on the FortiAnalyzer device.
What can be the reason for this failure?
Reference: https://help.fortinet.com/fa/faz50hlp/56/5-6-2/FMGFAZ/0800_ADOMs/0015_FortiClient%20and%20ADOMs.htm
Question 74

Refer to the exhibit.
Which two statements are true regarding enabling auto-cache on FortiAnalyzer? (Choose two.)
"Enable auto-cache in the report settings to boost the reporting performance and reduce report generation time. Scheduled reports have auto-cache enabled already."
FortiAnalyzer_7.0_Study_Guide-Online page 306
Question 75

Which two statements are true regarding high availability (HA) on FortiAnalyzer? (Choose two.)
Reference: https://help.fortinet.com/fa/faz50hlp/60/6-0-2/Content/FMGFAZ/4600_HA/0000_HA.htm?TocPath=High%20Availability%7C_____0
FortiAnalyzer HA implementation works only in networks where Virtual Router Redundancy Protocol (VRRP) is permitted. Therefore it may not be supported by some public cloud infrastructures.
Question 76

An administrator has moved FortiGate A from the root ADOM to ADOM1.
Which two statements are true regarding logs? (Choose two.)
Reference: https://community.fortinet.com/t5/Fortinet-Forum/FW-Migration-between-ADOMs/mp/32683?m=158008
Question 77

Which two actions should an administrator take to view Compromised Hosts on FortiAnalyzer?
(Choose two.)
In order to configure IOC, you require the following:
β’ A one-year subscription to IOC. Note that FortiAnalyzer does include an evaluation license, but it is restrictive and only meant to give you an idea of how the feature works.
β’ A web filter services subscription on FortiGate device(s)
β’ Web filter policies on FortiGate device(s) that send traffic to FortiAnalyzer Compromised Hosts or Indicators of Compromise service (IOC) is a licensed feature.
To view Compromised Hosts, you must turn on the UTM web filter of FortiGate devices and subscribe your FortiAnalyzer unit to FortiGuard to keep its local threat database synchronized with the
FortiGuard threat database. See Subscribing FortiAnalyzer to FortiGuard.
Ref : https://docs.fortinet.com/document/fortianalyzer/6.4.0/administration-guide/137635/viewingcompromised-hosts
Question 78

In Log View, you can use the Chart Builder feature to build a dataset and chart based on the filtered search results.
Similarly, which feature you can use for FortiView?
Reference: https://community.fortinet.com/t5/FortiAnalyzer/Creating-a-Custom-report-from-FortiView-Export-to-Report-Chart/ta-p/190154?externalID=FD40483
Similar to the Chart Builder feature in Log View, you can export a chart from a FortiView. The chart export includes any filters you set on the FortiView. FortiAnalyzer_7.0_Study_Guide-Online pag. 292.
Question 79

What can you do on FortiAnalyzer to restrict administrative access from specific locations?
Reference: https://docs.fortinet.com/document/fortigate/6.2.0/hardening-yourfortigate/582009/system-administrator-best-practices
Question 80

An administrator fortinet, is able to view logs and perform device management tasks, such as adding and removing registered devices. However, administrator fortinet is not able to create a mall server that can be used to send email.
What could be the problem?
β’ Super_User, which, like in FortiGate, provides access to all device and system privileges.
β’ Standard_User, which provides read and write access to device privileges, but not system privileges.
β’ Restricted_User, which provides read access only to device privileges, but not system privileges.
Access to the Management extensions is also removed.
β’ No_Permissions_User, which provides no system or device privileges. Can be used, for example, to temporarily remove access granted to existing admins.
FortiAnalyzer_7.0_Study_Guide-Online page 42
Question