Fortinet NSE5_FAZ-7.2 Fortinet NSE 5 – FortiAnalyzer 7.2 Online Training
The questions for NSE5_FAZ-7.2 were last updated on Mar 12, 2025.
- Exam Code: NSE5_FAZ-7.2
- Exam Name: Fortinet NSE 5 - FortiAnalyzer 7.2
- Certification Provider: Fortinet
- Latest update: Mar 12, 2025

What is the purpose of a dataset query in FortiAnalyzer?
- A. It sorts log data into tables
- B. It extracts the database schema
- C. It retrieves log data from the database
- D. It injects log data into the database

Logs are being deleted from one of the ADOMs earlier than the configured setting for archiving in the data policy.
What is the most likely problem?
- A. CPU resources are too high
- B. Logs in that ADOM are being forwarded, in real time, to another FortiAnalyzer device
- C. The total disk space is insufficient and you need to add another disk
- D. The ADOM disk quota is set too low, based on log rates

Which two constraints can impact the amount of reserved disk space required by FortiAnalyzer? (Choose two.)
- A. License type
- B. Disk size
- C. Total quota
- D. RAID level

View the exhibit:
What does the 1000MB maximum for disk utilization refer to?
- A. The disk quota for the FortiAnalyzer model
- B. The disk quota for all devices in the ADOM
- C. The disk quota for each device in the ADOM
- D. The disk quota for the ADOM type

You’ve moved a registered logging device out of one ADOM and into a new ADOM.
What happens when you rebuild the new ADOM database?
- A. FortiAnalyzer resets the disk quota of the new ADOM to default.
- B. FortiAnalyzer migrates archive logs to the new ADOM.
- C. FortiAnalyzer migrates analytics logs to the new ADOM.
- D. FortiAnalyzer removes logs from the old ADOM.

What happens when a log file saved on FortiAnalyzer disks reaches the size specified in the device log settings?
- A. The log file is stored as a raw log and is available for analytic support.
- B. The log file rolls over and is archived.
- C. The log file is purged from the database.
- D. The log file is overwritten.

What is the purpose of employing RAID with FortiAnalyzer?
- A. To introduce redundancy to your log data
- B. To provide data separation between ADOMs
- C. To separate analytical and archive data
- D. To back up your logs

Which FortiAnalyzer feature allows you to retrieve the archived logs matching a specific timeframe from another FortiAnalyzer device?
- A. Log upload
- B. Indicators of Compromise
- C. Log forwarding in aggregation mode
- D. Log fetching

What is the recommended method of expanding disk space on a FortiAnalyzer VM?
- A. From the VM host manager, add an additional virtual disk and use the # execute lvm extend <disk number> command to expand the storage
- B. From the VM host manager, expand the size of the existing virtual disk
- C. From the VM host manager, expand the size of the existing virtual disk and use the # execute format disk command to reformat the disk
- D. From the VM host manager, add an additional virtual disk and rebuild your RAID array

How are logs forwarded when FortiAnalyzer is using aggregation mode?
- A. Logs are forwarded as they are received and content files are uploaded at a scheduled time.
- B. Logs and content files are stored and uploaded at a scheduled time.
- C. Logs are forwarded as they are received.
- D. Logs and content files are forwarded as they are received.