Exam: Fortinet NSE 5 - FortiAnalyzer 7.0
Number: NSE5_FAZ-7.0
File Name: Fortinet NSE 5 -FortiAnalyzer 7-0.VCEPlus.NSE5_FAZ-7.0.2022-11-15.1e.30q.vcex
Size: 1.27 Mb
Posted: November 15, 2022
Downloads: 6

Demo Questions

Question 1
Which two methods are the most common methods to control and restrict administrative access on FortiAnalyzer? (Choose two.)

  • A: Virtual domains
  • B: Administrative access profiles
  • C: Trusted hosts
  • D: Security Fabric

Question 2
Which daemon is responsible for enforcing raw log file size?

  • A: logfiled
  • B: oftpd
  • C: sqlplugind
  • D: miglogd

Question 3
An administrator has configured the following settings:

    config system global
        set log-checksum md5-auth
    end

What is the significance of executing this command?

  • A: This command records the log file MD5 hash value.
  • B: This command records passwords in log files and encrypts them.
  • C: This command encrypts log transfer between FortiAnalyzer and other devices.
  • D: This command records the log file MD5 hash value and authentication code.

Question 4
Which two of the following must you configure on FortiAnalyzer to email a FortiAnalyzer report externally? (Choose two.)

  • A: Mail server
  • B: Output profile
  • C: SFTP server
  • D: Report scheduling

Question 5
For which two purposes would you use the command set log checksum? (Choose two.)

  • A: To help protect against man-in-the-middle attacks during log upload from FortiAnalyzer to an SFTP server
  • B: To prevent log modification or tampering
  • C: To encrypt log communications
  • D: To send an identical set of logs to a second logging server

Question 6
Refer to the exhibit.


What does the data point at 14:55 tell you?

  • A: The received rate is almost at its maximum for this device
  • B: The sqlplugind daemon is behind in log indexing by two logs
  • C: Logs are being dropped
  • D: Raw logs are reaching FortiAnalyzer faster than they can be indexed

Question 7
You are using RAID with a FortiAnalyzer that supports software RAID, and one of the hard disks on FortiAnalyzer has failed.
What is the recommended method to replace the disk?

  • A: Shut down FortiAnalyzer and then replace the disk
  • B: Downgrade your RAID level, replace the disk, and then upgrade your RAID level
  • C: Clear all RAID alarms and replace the disk while FortiAnalyzer is still running
  • D: Perform a hot swap

Question 8
On the RAID management page, the disk status is listed as Initializing.
What does the status Initializing indicate about what the FortiAnalyzer is currently doing?

  • A: FortiAnalyzer is ensuring that the parity data of a redundant drive is valid
  • B: FortiAnalyzer is writing data to a newly added hard drive to restore it to an optimal state
  • C: FortiAnalyzer is writing to all of its hard drives to make the array fault tolerant
  • D: FortiAnalyzer is functioning normally

Question 9
In the FortiAnalyzer FortiView, source and destination IP addresses from FortiGate devices are not resolving to a hostname.
How can you resolve the source and destination IP addresses, without introducing any additional performance impact to FortiAnalyzer?

  • A: Resolve IP addresses on a per-ADOM basis to reduce delay on FortiView while IPs resolve
  • B: Configure # set resolve-ip enable in the system FortiView settings
  • C: Configure local DNS servers on FortiAnalyzer
  • D: Resolve IP addresses on FortiGate

Question 10
You have recently grouped multiple FortiGate devices into a single ADOM. System Settings > Storage Info shows the quota used.
What does the disk quota refer to?

  • A: The maximum disk utilization for each device in the ADOM
  • B: The maximum disk utilization for the FortiAnalyzer model
  • C: The maximum disk utilization for the ADOM type
  • D: The maximum disk utilization for all devices in the ADOM



