Fortinet NSE5_FAZ-7.2 Exam Questions Instant Access

Question 1

Which statement describes online logs on FortiAnalyzer?

ALogs that reached a specific size and were rolled over

BLogs that can be used to create reports

CLogs that can be viewed using Log Browse

DLogs that are saved to disk, compressed, and available in FortiView

Answer : C

Question 2

Which statements are true regarding securing communications between FortiAnalyzer and FortiGate with SSL? (Choose two.)

ASSL is the default setting.

BSSL communications are auto-negotiated between the two devices.

CSSL can send logs in real-time only.

DSSL encryption levels are globally set on FortiAnalyzer.

EFortiAnalyzer encryption level must be equal to, or higher than, FortiGate.

Answer : A, D

Question 3

An administrator fortinet, is able to view logs and perform device management tasks, such as adding and removing registered devices. However, administrator fortinet is not able to create a mall server that can be used to send email.

What could be the problem?

AFortinet is assigned the Standard_ User administrator profile.

BA trusted host is configured.

CADOM mode is configured with Advanced mode.

DFortinet is assigned the Restricted_ User administrator profile.

Answer : A

* Super_User, which, like in FortiGate, provides access to all device and system privileges.

* Standard_User, which provides read and write access to device privileges, but not system privileges.

* Restricted_User, which provides read access only to device privileges, but not system privileges. Access

to the Management extensions is also removed.

* No_Permissions_User, which provides no system or device privileges. Can be used, for example, to

temporarily remove access granted to existing admins.

FortiAnalyzer_7.0_Study_Guide-Online page 42

Question 4

Which statements are true regarding securing communications between FortiAnalyzer and FortiGate with IPsec? (Choose two.)

AMust configure the FortiAnalyzer end of the tunnel only--the FortiGate end is auto-negotiated.

BMust establish an IPsec tunnel ID and pre-shared key.

CIPsec cannot be enabled if SSL is enabled as well.

DIPsec is only enabled through the CLI on FortiAnalyzer.

Answer : B, D

Option B is correct because you must establish an IPsec tunnel ID and pre-shared key to secure the communication between FortiAnalyzer and FortiGate with IPsec12. The tunnel ID is a unique identifier for each tunnel and the pre-shared key is a secret passphrase that authenticates the peers.

Option D is correct because IPsec is only enabled through the CLI on FortiAnalyzer1. You cannot configure IPsec settings through the GUI on FortiAnalyzer.

Question 5

View the exhibit.

What does the data point at 14:35 tell you?

AFortiAnalyzer is dropping logs.

BFortiAnalyzer is indexing logs faster than logs are being received.

CFortiAnalyzer has temporarily stopped receiving logs so older logs' can be indexed.

DThe sqlplugind daemon is ahead in indexing by one log.

Answer : B

https://docs.fortinet.com/document/fortianalyzer/6.2.5/administration-guide/47690/insert-rate-vs-receive-rate-widget

Question 6

What statements are true regarding FortiAnalyzer 's treatment of high availability (HA) dusters? (Choose two)

AFortiAnalyzer distinguishes different devices by their serial number.

BFortiAnalyzer receives logs from d devices in a duster.

CFortiAnalyzer receives bgs only from the primary device in the cluster.

DFortiAnalyzer only needs to know (he serial number of the primary device in the cluster-it automaticaly discovers the other devices.

Answer : A, B

Question 7

View the exhibit:

What does the 1000MB maximum for disk utilization refer to?

AThe disk quota for the FortiAnalyzer model

BThe disk quota for all devices in the ADOM

CThe disk quota for each device in the ADOM

DThe disk quota for the ADOM type

Answer : B

https://docs.fortinet.com/document/fortianalyzer/6.2.0/administration-guide/743670/configuring-log-storage-policy

Fortinet NSE 5 - FortiAnalyzer 7.2 NSE5_FAZ-7.2 Exam Questions