Fortinet NSE5_FAZ-7.2 Exam Practice Test Instant Access

Question 1

What happens when a log file saved on FortiAnalyzer disks reaches the size specified in the device log

settings?

AThe log file is stored as a raw log and is available for analytic support.

BThe log file rolls over and is archived.

CThe log file is purged from the database.

DThe log file is overwritten.

Answer : B

81a4-00505692583a/FortiAnalyzer-6.0.5-Administration-Guide.pdf

https://docs.fortinet.com/document/fortianalyzer/6.2.5/administration-guide/355632/log-browse

Question 2

On the RAID management page, the disk status is listed as Initializing.

What does the status Initializing indicate about what the FortiAnalyzer is currently doing?

AFortiAnalyzer is ensuring that the parity data of a redundant drive is valid

BFortiAnalyzer is writing data to a newly added hard drive to restore it to an optimal state

CFortiAnalyzer is writing to all of its hard drives to make the array fault tolerant

DFortiAnalyzer is functioning normally

Answer : C

8977-00505692583a/FortiAnalyzer-5.6.10-Administration-Guide.pdf (40)

Question 3

Which statement is true regarding Macros on FortiAnalyzer?

AMacros are ADOM specific and each ADOM will have unique macros relevant to that ADOM.

BMacros are supported only on the FortiGate ADOM.

CMacros are useful in generating excel log files automatically based on the reports settings.

DMacros are predefined templates for reports and cannot be customized.

Answer : A

FortiAnalyzer_7.0_Study_Guide-Online.pdf page 283: Note that macros are ADOM-specific and supported in FortiGate and FortiCarrier ADOMs only.

Question 4

Why should you use an NTP server on FortiAnalyzer and all registered devices that log into FortiAnalyzer?

ATo properly correlate logs

BTo use real-time forwarding

CTo resolve host names

DTo improve DNS response times

Answer : A

Question 5

What is the purpose of a predefined template on the FortiAnalyzer?

AIt can be edited and modified as required

BIt specifies the report layout which contains predefined texts, charts, and macros

CIt specifies report settings which contains time period, device selection, and schedule

DIt contains predefined data to generate mock reports
Explanation:
Reference: https://help.fortinet.com/fa/faz50hlp/56/5-6-2/FMGFAZ/
2300_Reports/0010_Predefined_reports.htm#:~:text=FortiAnalyzer%20includes%20a%20number%
20of,create%20and%2For%20build%20reports.&text=A%20template%20populates%20the%20Layout,that%
20is%20to%20be%20created.
https://help.fortinet.com/fa/faz50hlp/56/5-6-2/FMG-FAZ/2300_Reports/0010_Predefined_reports.htm

Answer : B

Question 6

In the FortiAnalyzer FortiView, source and destination IP addresses from FortiGate devices are not resolving to a hostname.

How can you resolve the source and destination IP addresses, without introducing any additional performance impact to FortiAnalyzer?

AResolve IP addresses on a per-ADOM basis to reduce delay on FortiView while IPs resolve

BConfigure # set resolve-ip enable in the system FortiView settings

CConfigure local DNS servers on FortiAnalyzer

DResolve IP addresses on FortiGate

Answer : D

https://packetplant.com/fortigate-and-fortianalyzer-resolve-source-and-destination-ip/

''As a best practice, it is recommended to resolve IPs on the FortiGate end. This is because you get both source and destination, and it offloads the work from FortiAnalyzer. On FortiAnalyzer, this IP resolution does destination IPs only''

Question 7

An administrator has configured the following settings:

config system fortiview settings

set resolve-ip enable

end

What is the significance of executing this command?

AUse this command only if the source IP addresses are not resolved on FortiGate.

BIt resolves the source and destination IP addresses to a hostname in FortiView on FortiAnalyzer.

CYou must configure local DNS servers on FortiGate for this command to resolve IP addresses on Forti Analyzer.

DIt resolves the destination IP address to a hostname in FortiView on FortiAnalyzer.

Answer : D

Fortinet NSE 5 - FortiAnalyzer 7.2 NSE5_FAZ-7.2 Exam Practice Test