Fortinet NSE5_FAZ-6.4 Fortinet NSE 5 – FortiAnalyzer 6.4 Online Training
Fortinet NSE5_FAZ-6.4 Online Training
The questions for NSE5_FAZ-6.4 were last updated at Jan 03,2025.
- Exam Code: NSE5_FAZ-6.4
- Exam Name: Fortinet NSE 5 - FortiAnalyzer 6.4
- Certification Provider: Fortinet
- Latest update: Jan 03,2025
Which two statements are true regarding ADOM modes? (Choose two.)
- A . You can only change ADOM modes through CLI.
- B . In normal mode, the disk quota of the ADOM is fixed and cannot be modified, but in advance mode, the disk quota of the ADOM is flexible because new devices are added to the ADOM.
- C . In an advanced mode ADOM. you can assign FortiGate VDOMs from a single FortiGate device to multiple FortiAnalyzer ADOMs.
- D . Normal mode is the default ADOM mode.
C,D
Explanation:
Reference: https://help.fortinet.com/fa/faz50hlp/56/5-6-1/FMG-FAZ/0800_ADOMs/0400_ADOM%20Device%20Modes.htm
After you have moved a registered logging device out of one ADOM and into a new ADOM, what is the purpose of running the following CLI command?
execute sql-local rebuild-adom <new-ADOM-name>
- A . To reset the disk quota enforcement to default
- B . To remove the analytics logs of the device from the old database
- C . To migrate the archive logs to the new ADOM
- D . To populate the new ADOM with analytical logs for the moved device, so you can run reports
For proper log correlation between the logging devices and FortiAnalyzer, FortiAnalyzer and all registered devices should:
- A . Use DNS
- B . Use host name resolution
- C . Use real-time forwarding
- D . Use an NTP server
If a hard disk fails on a FortiAnalyzer that supports software RAID, what should you do to bring the
FortiAnalyzer back to functioning normally, without losing data?
- A . Hot swap the disk
- B . Replace the disk and rebuild the RAID manually
- C . Take no action if the RAID level supports a failed disk
- D . Shut down FortiAnalyzer and replace the disk
D
Explanation:
https://kb.fortinet.com/kb/documentLink.do?externalID=FD46446#:~:text=On%20FortiAnalyzer%2FFortiManager%20devices%20that, to%20exchanging%20the%20hard%20disk.
If a hard disk on a FortiAnalyzer unit fails, it must be replaced. On FortiAnalyzer devices that support hardware RAID, the hard disk can be replaced while the unit is still running C known as hot swapping. On FortiAnalyzer units with software RAID, the device must be shutdown prior to exchanging the hard disk.
Reference: https://community.fortinet.com/t5/FortiAnalyzer/Technical-Note-How-to-swap-Hard-Disk-on-FortiAnalyzer/ta-p/194997?externalID=FD41397#:~:text=If%20a%20hard%20disk%20on,process%20known%20as%20hot%20swapping
Which statements are true regarding securing communications between FortiAnalyzer and FortiGate with IPsec? (Choose two.)
- A . Must configure the FortiAnalyzer end of the tunnel only–the FortiGate end is auto-negotiated.
- B . Must establish an IPsec tunnel ID and pre-shared key.
- C . IPsec cannot be enabled if SSL is enabled as well.
- D . IPsec is only enabled through the CLI on FortiAnalyzer.
Why should you use an NTP server on FortiAnalyzer and all registered devices that log into FortiAnalyzer?
- A . To properly correlate logs
- B . To use real-time forwarding
- C . To resolve host names
- D . To improve DNS response times
In FortiAnalyzer’s FormView, source and destination IP addresses from FortiGate devices are not resolving to a hostname.
How can you resolve the source and destination IPs, without introducing any additional performance impact to FortiAnalyzer?
- A . Configure local DNS servers on FortiAnalyzer
- B . Resolve IPs on FortiGate
- C . Configure # set resolve-ip enable in the system FortiView settings
- D . Resolve IPs on a per-ADOM basis to reduce delay on FortiView while IPs resolve
How do you restrict an administrator’s access to a subset of your organization’s ADOMs?
- A . Set the ADOM mode to Advanced
- B . Assign the ADOMs to the administrator’s account
- C . Configure trusted hosts
- D . Assign the default Super_User administrator profile
B
Explanation:
https://docs.fortinet.com/document/fortianalyzer/6.2.5/administration-guide/717578/assigning-administrators-to-an-adom
A rogue administrator was accessing FortiAnalyzer without permission, and you are tasked to see what activity was performed by that rogue administrator on FortiAnalyzer.
What can you do on FortiAnalyzer to accomplish this?
- A . Click FortiView and generate a report for that administrator.
- B . Click Task Monitor and view the tasks performed by that administrator.
- C . Click Log View and generate a report for that administrator.
- D . View the tasks performed by the rogue administrator in Fabric View.
B
Explanation:
Reference: https://docs.fortinet.com/document/fortimanager/6.4.1/administration-guide/792943/task-monitor
How can you configure FortiAnalyzer to permit administrator logins from only specific locations?
- A . Use static routes
- B . Use administrative profiles
- C . Use trusted hosts
- D . Use secure protocols
C
Explanation:
https://docs.fortinet.com/document/fortianalyzer/6.2.5/administration-guide/186508/trusted-hosts
Latest NSE5_FAZ-6.4 Dumps Valid Version with 86 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund
