Fortinet NSE5_FAZ-7.2 Practice Test - Questions Answers, Page 9

Which two statements express the advantages of grouping similar reports? (Choose two.)

A. Improve report completion time.
B. Conserve disk space on FortiAnalyzer by grouping multiple similar reports.
C. Reduce the number of hcache tables and improve auto-hcache completion time.
D. Provides a better summary of reports.
Suggested answer: A, C

What are analytics logs on FortiAnalyzer?

A. Log type Traffic logs.
B. Logs that roll over when the log file reaches a specific size.
C. Logs that are indexed and stored in the SQL.
D. Raw logs that are compressed and saved to a log file.
Suggested answer: C

What is Log Insert Lag Time on FortiAnalyzer?

A. The number of times in the logs where end users experienced slowness while accessing resources.
B. The amount of lag time that occurs when the administrator is rebuilding the ADOM database.
C. The amount of time that passes between the time a log was received and when it was indexed on FortiAnalyzer.
D. The amount of time FortiAnalyzer takes to receive logs from a registered device.
Suggested answer: C

Refer to the exhibit.

What is the purpose of using the Chart Builder feature on FortiAnalyzer?

A. In Log View, this feature allows you to build a dataset and chart automatically, based on the filtered search results.
B. In Log View, this feature allows you to build a chart and chart automatically, on the top 100 log entries.
C. This feature allows you to build a chart under FortiView.
D. You can add charts to generated reports using this feature.
Suggested answer: A

Which two statements are true regarding Initial Logs Sync and Log Data Sync for HA on FortiAnalyzer?

A. By default, Log Data Sync is disabled on all backup devices.
B. Log Data Sync provides real-time log synchronization to all backup devices.
C. With initial Logs Sync, when you add a unit to an HA cluster, the primary device synchronizes its logs with the backup device.
D. When Log Data Sync is turned on, the backup device will reboot and then rebuild the log database with the synchronized logs.
Suggested answer: C, D

Which two statements are true regarding fabric connectors? (Choose two.)

A. Configuring fabric connectors to send notification to ITSM platform upon incident creation is more efficient than third-party information from the FortiAnalyzer API.
B. Fabric connectors allow you to save storage costs and improve redundancy.
C. Storage connector service does not require a separate license to send logs to a cloud platform.
D. Cloud-Out connections allow you to send real-time logs to public cloud accounts like Amazon S3, Azure Blob, and Google Cloud.
Suggested answer: A, D

What does the disk status Degraded mean for RAID management?

A. One or more drives are missing from the FortiAnalyzer unit. The drive is no longer available to the operating system.
B. The FortiAnalyzer device is writing to all the hard drives on the device in order to make the array fault tolerant.
C. The FortiAnalyzer device is writing data to a newly added hard drive in order to restore the hard drive to an optimal state.
D. The hard drive is no longer being used by the RAID controller.
Suggested answer: D

Which statement is true when you are upgrading the firmware on an HA cluster made up of two FortiAnalyzer devices?

A. First, upgrade the secondary device, and then upgrade the primary device.
B. Both FortiAnalyzer devices will be upgraded at the same time.
C. You can enable uninterruptible-upgrade so that the normal FortiAnalyzer operations are not interrupted while the cluster firmware upgrades.
D. You can perform the firmware upgrade using only a console connection.
Suggested answer: A

Explanation:

FortiAnalyzer_7.0_Study_Guide-Online.pdf page 64: To upgrade FortiAnalyzer HA cluster firmware:

1. Log in to each secondary device.

2. Upgrade the firmware of all secondary devices.

3. Wait for the upgrades to complete and verify that all secondary devices joined the cluster.

4. Verify that logs on all secondary devices are synchronized with the primary device.

5. Upgrade the primary device.

https://docs.fortinet.com/document/fortianalyzer/7.2.0/upgrade-guide/262607/upgrading-fortianalyzer-firmware

What is the purpose of output variables?

A. To store playbook execution statistics
B. To use the output of the previous task as the input of the current task
C. To display details of the connectors used by a playbook
D. To save all the task settings when a playbook is exported
Suggested answer: B

Explanation:

FortiAnalyzer_7.0_Study_Guide-Online.pdf page 242: Output variables allow you to use the output from a preceding task as an input to the current task.

Refer to the exhibit.

Laptop1 is used by several administrators to manage FortiAnalyzer. You want to configure a generic text filter that matches all login attempts to the web interface generated by any user other than "admin" and coming from Laptop1.

Which filter will achieve the desired result?

A. operation-login & performed_on=="GUI(10.1.1.100)" & user!=admin
B. operation-login & srcip==10.1.1.100 & dstip==10.1.1.210 & user==admin
C. operation-login & dstip==10.1.1.210 & userl-admin
D. operation-login & performed_on=="GUI(10.1.1.210)' & user!=admin
Suggested answer: A

Explanation:

On there the task was to create a filter for failed logins from any other location but the local computer: "Add the text performed_on!~10.0.1.10. This includes any attempts coming from devices with an IP address that is not the one configured on the Local-Client computer."

Total 137 questions