Fortinet NSE5_FAZ-7.2 Fortinet NSE 5 – FortiAnalyzer 7.2 Online Training
The questions for NSE5_FAZ-7.2 were last updated on Nov 19, 2024.
- Exam Code: NSE5_FAZ-7.2
- Exam Name: Fortinet NSE 5 - FortiAnalyzer 7.2
- Certification Provider: Fortinet
- Latest update: Nov 19, 2024
Why should you use an NTP server on FortiAnalyzer and all registered devices that log into FortiAnalyzer?
- A. To properly correlate logs
- B. To use real-time forwarding
- C. To resolve host names
- D. To improve DNS response times
Answer: A
You need to upgrade your FortiAnalyzer firmware.
What happens to the logs being sent to FortiAnalyzer from FortiGate during the time FortiAnalyzer is temporarily unavailable?
- A. FortiAnalyzer uses log fetching to retrieve the logs when back online
- B. FortiGate uses the miglogd process to cache the logs
- C. The logfiled process stores logs in offline mode
- D. Logs are dropped
Answer: B
After you have moved a registered logging device out of one ADOM and into a new ADOM, what is the purpose of running the following CLI command?
execute sql-local rebuild-adom <new-ADOM-name>
- A. To reset the disk quota enforcement to default
- B. To remove the analytics logs of the device from the old database
- C. To migrate the archive logs to the new ADOM
- D. To populate the new ADOM with analytical logs for the moved device, so you can run reports
Answer: D
Explanation:
FortiAnalyzer_7.0_Study_Guide-Online.pdf, page 128: Are the device analytics logs required for reports in the new ADOM? If so, rebuild the new ADOM database.
If a hard disk fails on a FortiAnalyzer that supports software RAID, what should you do to bring the FortiAnalyzer back to functioning normally, without losing data?
- A. Hot swap the disk
- B. Replace the disk and rebuild the RAID manually
- C. Take no action if the RAID level supports a failed disk
- D. Shut down FortiAnalyzer and replace the disk
Answer: D
Explanation:
https://kb.fortinet.com/kb/documentLink.do?externalID=FD46446#:~:text=On%20FortiAnalyzer%2FFortiManager%20devices%20that,to%20exchanging%20the%20hard%20disk.
If a hard disk on a FortiAnalyzer unit fails, it must be replaced. On FortiAnalyzer devices that support hardware RAID, the hard disk can be replaced while the unit is still running, which is known as hot swapping. On FortiAnalyzer units with software RAID, the device must be shut down prior to exchanging the hard disk.
Reference: https://community.fortinet.com/t5/FortiAnalyzer/Technical-Note-How-to-swap-Hard-Disk-on-FortiAnalyzer/ta-p/194997?externalID=FD41397#:~:text=If%20a%20hard%20disk%20on,process%20known%20as%20hot%20swapping
If you upgrade the FortiAnalyzer firmware, which report element can be affected?
- A. Custom datasets
- B. Report scheduling
- C. Report settings
- D. Output profiles
Answer: A
Explanation:
https://docs.fortinet.com/document/fortianalyzer/6.2.5/upgrade-guide/669300/checking-reports
FortiAnalyzer reports are dropping analytical data from 15 days ago, even though the data policy setting for analytics logs is 60 days.
What is the most likely problem?
- A. Quota enforcement is acting on analytical data before a report is complete
- B. Logs are rolling before the report is run
- C. CPU resources are too high
- D. Disk utilization for archive logs is set for 15 days
Answer: B
Explanation:
Reference: https://forum.fortinet.com/tm.aspx?m=138806
Which log type does the FortiAnalyzer indicators of compromise feature use to identify infected hosts?
- A. Antivirus logs
- B. Web filter logs
- C. IPS logs
- D. Application control logs
Answer: B
Explanation:
Reference: https://help.fortinet.com/fa/faz50hlp/60/6-0-2/Content/FortiAnalyzer_Admin_Guide/3600_FortiView/0200_Using_FortiView/1200_Compromised_hosts_page.htm?TocPath=FortiView%7CUsing%20FortiView%7C_____6
Which two settings must you configure on FortiAnalyzer to allow non-local administrators to authenticate to FortiAnalyzer with any user account in a single LDAP group? (Choose two.)
- A. A local wildcard administrator account
- B. A remote LDAP server
- C. A trusted host profile that restricts access to the LDAP group
- D. An administrator group
Answer: A, B
Explanation:
Reference: https://kb.fortinet.com/kb/documentLink.do?externalID=FD38567
When you perform a system backup, what does the backup configuration contain? (Choose two.)
- A. Generated reports
- B. Device list
- C. Authorized devices logs
- D. System information
Answer: B, D
Explanation:
https://help.fortinet.com/fa/cli-olh/5-6-5/Content/Document/1400_execute/backup.htm
Reference: https://help.fortinet.com/fauth/5-2/Content/Admin%20Guides/5_2%20Admin%20Guide/300/301_Dashboard.htm
Which clause is considered mandatory in SELECT statements used by the FortiAnalyzer to generate reports?
- A. FROM
- B. LIMIT
- C. WHERE
- D. ORDER BY
Answer: A
Explanation:
Reference: https://kb.fortinet.com/kb/documentLink.do?externalID=FD48500