NSE5_FAZ-7.2 Dumps



Fortinet


NSE5_FAZ-7.2


NSE 5 - FortiAnalyzer 7.2


https://killexams.com/pass4sure/exam-detail/NSE5_FAZ-7.2


Question: 38


What purposes does the auto-cache setting on reports serve? (Choose two.)


  1. To reduce report generation time

  2. To automatically update the hcache when new logs arrive

  3. To reduce the log insert lag rate

  4. To provide diagnostics on report generation time


Answer: A,B


Explanation:


Reference: https://docs.fortinet.com/document/fortianalyzer/6.0.0/administration-guide/282280/enabling-autocache


Question: 39


If you upgrade your FortiAnalyzer firmware, what report elements can be affected?


  1. Output profiles

  2. Report settings

  3. Report scheduling

  4. Custom datasets


Answer: D


Question: 40


How does FortiAnalyzer retrieve specific log data from the database?


  1. SQL FROM statement

  2. SQL GET statement

  3. SQL SELECT statement

  4. SQL EXTRACT statement


Answer: A


Explanation:


https://fortinetweb.s3.amazonaws.com/docs.fortinet.com/v2/attachments/137bb60e-ff37-11e8-8524-f8bc1258b856/fortianalyzer-fortigate-sql-technote-40-mr2.pdf


Question: 41


On FortiAnalyzer, what is a wildcard administrator account?


  1. An account that permits access to members of an LDAP group

  2. An account that allows guest access with read-only privileges

  3. An account that requires two-factor authentication

  4. An account that validates against any user account on a FortiAuthenticator


Answer: A


Explanation:


https://docs.fortinet.com/document/fortigate/6.2.0/cookbook/747268/configuring-wildcard-admin-accounts


Question: 42

For proper log correlation between the logging devices and FortiAnalyzer, FortiAnalyzer and all registered devices should:


  1. Use DNS

  2. Use host name resolution

  3. Use real-time forwarding

  4. Use an NTP server


Answer: D


Question: 43


What FortiGate process caches logs when FortiAnalyzer is not reachable?


  1. logfiled

  2. sqlplugind

  3. oftpd

  4. miglogd


Answer: D


Explanation:


Reference: https://forum.fortinet.com/tm.aspx?m=143106


Question: 44


FortiAnalyzer uses the Optimized Fabric Transfer Protocol (OFTP) over SSL for what purpose?


  1. To upload logs to an SFTP server

  2. To prevent log modification during backup

  3. To send an identical set of logs to a second logging server

  4. To encrypt log communication between devices


Answer: D


Question: 45


How can you configure FortiAnalyzer to permit administrator logins from only specific locations?


  1. Use static routes

  2. Use administrative profiles

  3. Use trusted hosts

  4. Use secure protocols


Answer: C


Explanation:


https://docs.fortinet.com/document/fortianalyzer/6.2.5/administration-guide/186508/trusted-hosts


Question: 46


Logs are being deleted from one of your ADOMs earlier than the configured setting for archiving in your data policy. What is the most likely problem?

  1. The total disk space is insufficient and you need to add another disk.

  2. CPU resources are too high.

  3. The ADOM disk quota is set too low based on log rates.

  4. Logs in that ADOM are being forwarded in real-time to another FortiAnalyzer device.


Answer: C


Explanation:


https://help.fortinet.com/fmgr/50hlp/56/5-6-1/FMGFAZ/1100_Storage/0017_Deleted%20device%20logs.htm

https://docs.fortinet.com/document/fortianalyzer/6.2.5/administration-guide/87802/automatic-deletion

Question: 47


What is the purpose of the following CLI command?



  1. To add a log file checksum

  2. To add the MD's hash value and authentication code

  3. To add a unique tag to each log to prove that it came from this FortiAnalyzer

  4. To encrypt log communications


Answer: A


Explanation:


https://docs2.fortinet.com/document/fortianalyzer/6.0.3/cli-reference/849211/global


Question: 48


View the exhibit.



What does the data point at 14:35 tell you?


  1. FortiAnalyzer is dropping logs.

  2. FortiAnalyzer is indexing logs faster than logs are being received.

  3. FortiAnalyzer has temporarily stopped receiving logs so older logs can be indexed.

  4. The sqlplugind daemon is ahead in indexing by one log.


Answer: B


Explanation:


https://docs.fortinet.com/document/fortianalyzer/6.2.5/administration-guide/47690/insert-rate-vs-receive-rate-widget


Question: 49


What remote authentication servers can you configure to validate your FortiAnalyzer administrator logons? (Choose three)


  1. RADIUS

  2. Local

  3. LDAP

  4. PKI

  5. TACACS+


Answer: A,C,E


Question: 50


What statements are true regarding disk log quota? (Choose two)


  1. The FortiAnalyzer stops logging once the disk log quota is met.

  2. The FortiAnalyzer automatically sets the disk log quota based on the device.

  3. The FortiAnalyzer can overwrite the oldest logs or stop logging once the disk log quota is met.

  4. The FortiAnalyzer disk log quota is configurable, but has a minimum of 100 MB and a maximum based on the reserved system space.


Answer: A,C,D