Fortinet NSE5_FAZ-7.0 Fortinet NSE 5 – FortiAnalyzer 7.0 Online Training
The questions for NSE5_FAZ-7.0 were last updated on Jan 03, 2025.
- Exam Code: NSE5_FAZ-7.0
- Exam Name: Fortinet NSE 5 - FortiAnalyzer 7.0
- Certification Provider: Fortinet
- Latest update: Jan 03, 2025
What is the purpose of a dataset query in FortiAnalyzer?
- A . It sorts log data into tables
- B . It extracts the database schema
- C . It retrieves log data from the database
- D . It injects log data into the database
C
Explanation:
Reference: https://docs2.fortinet.com/document/fortianalyzer/6.0.4/administration-guide/148744/creating-datasets
Refer to the exhibit.
What is the purpose of using the Chart Builder feature on FortiAnalyzer?
- A . In Log View, this feature allows you to build a dataset and chart automatically, based on the filtered search results.
- B . In Log View, this feature allows you to build a chart and chart automatically, on the top 100 log entries.
- C . This feature allows you to build a chart under FortiView.
- D . You can add charts to generated reports using this feature.
Which daemon is responsible for enforcing raw log file size?
- A . logfiled
- B . oftpd
- C . sqlplugind
- D . miglogd
Logs are being deleted from one of the ADOMs earlier than the configured setting for archiving in the data policy.
What is the most likely problem?
- A . CPU resources are too high
- B . Logs in that ADOM are being forwarded, in real-time, to another FortiAnalyzer device
- C . The total disk space is insufficient and you need to add another disk
- D . The ADOM disk quota is set too low, based on log rates
D
Explanation:
Reference: https://help.fortinet.com/fmgr/50hlp/56/5-6-1/FMG-FAZ/1100_Storage/0017_Deleted%20device%20logs.htm
Why should you use an NTP server on FortiAnalyzer and all registered devices that log into FortiAnalyzer?
- A . To properly correlate logs
- B . To use real-time forwarding
- C . To resolve host names
- D . To improve DNS response times
After you have moved a registered logging device out of one ADOM and into a new ADOM, what is the purpose of running the following CLI command?
execute sql-local rebuild-adom <new-ADOM-name>
- A . To reset the disk quota enforcement to default
- B . To remove the analytics logs of the device from the old database
- C . To migrate the archive logs to the new ADOM
- D . To populate the new ADOM with analytical logs for the moved device, so you can run reports
In order for FortiAnalyzer to collect logs from a FortiGate device, what configuration is required? (Choose two.)
- A . Remote logging must be enabled on FortiGate
- B . Log encryption must be enabled
- C . ADOMs must be enabled
- D . FortiGate must be registered with FortiAnalyzer
A,D
Explanation:
Pg 70: “after you add and register a FortiGate device with the FortiAnalyzer unit, you must also ensure that the FortiGate device is configured to send logs to the FortiAnalyzer unit.”
https://docs.fortinet.com/uploaded/files/4614/FortiAnalyzer-5.4.6-Administration%20Guide.pdf
Pg 45: “ADOMs must be enabled to support the logging and reporting of NON-FORTIGATE devices, such as FortiCarrier, FortiClientEMS, FortiMail, FortiWeb, FortiCache, and FortiSandbox.”
What can you do on FortiAnalyzer to restrict administrative access from specific locations?
- A . Configure trusted hosts for that administrator.
- B . Enable geo-location services on accessible interface.
- C . Configure two-factor authentication with a remote RADIUS server.
- D . Configure an ADOM for respective location.
A
Explanation:
Reference: https://docs.fortinet.com/document/fortigate/6.2.0/hardening-your-fortigate/582009/system-administrator-best-practices
What does the disk status Degraded mean for RAID management?
- A . One or more drives are missing from the FortiAnalyzer unit. The drive is no longer available to the operating system.
- B . The FortiAnalyzer device is writing to all the hard drives on the device in order to make the array fault tolerant.
- C . The FortiAnalyzer device is writing data to a newly added hard drive in order to restore the hard drive to an optimal state.
- D . The hard drive is no longer being used by the RAID controller.
How can you configure FortiAnalyzer to permit administrator logins from only specific locations?
- A . Use static routes
- B . Use administrative profiles
- C . Use trusted hosts
- D . Use secure protocols
C
Explanation:
https://docs.fortinet.com/document/fortianalyzer/6.2.5/administration-guide/186508/trusted-hosts