Pass the Fortinet NSE 5 Network Security Analyst NSE5_FAZ-7.2 Questions and answers with CertsForce

Viewing page 1 out of 5 pages
Viewing questions 1-10 out of questions
Questions # 1:

What are offline logs on FortiAnalyzer?

Options:

A. Compressed logs, which are also known as archive logs, are considered to be offline logs.

B. When you restart FortiAnalyzer, all stored logs are considered to be offline logs.

C. Logs that are indexed and stored in the SQL database.

D. Logs that are collected from offline devices after they boot up.


Questions # 2:

By default, what happens when a log file reaches its maximum file size?

Options:

A. FortiAnalyzer overwrites the log files.

B. FortiAnalyzer stops logging.

C. FortiAnalyzer rolls the active log by renaming the file.

D. FortiAnalyzer forwards logs to syslog.


Questions # 3:

Which log type does the FortiAnalyzer indicators of compromise feature use to identify infected hosts?

Options:

A. Antivirus logs

B. Web filter logs

C. IPS logs

D. Application control logs


Questions # 4:

FortiAnalyzer centralizes which functions? (Choose three)

Options:

A. Network analysis

B. Graphical reporting

C. Content archiving / data mining

D. Vulnerability assessment

E. Security log analysis / forensics


Questions # 5:

Which tabs do not appear when FortiAnalyzer is operating in Collector mode?

Options:

A. FortiView

B. Event Management

C. Device Manager

D. Reporting


Questions # 6:

After you have moved a registered logging device out of one ADOM and into a new ADOM, what is the purpose of running the following CLI command?

execute sql-local rebuild-adom

Options:

A. To reset the disk quota enforcement to default

B. To remove the analytics logs of the device from the old database

C. To migrate the archive logs to the new ADOM

D. To populate the new ADOM with analytical logs for the moved device, so you can run reports


Questions # 7:

FortiAnalyzer uses the Optimized Fabric Transfer Protocol (OFTP) over SSL for what purpose?

Options:

A. To upload logs to an SFTP server

B. To prevent log modification during backup

C. To send an identical set of logs to a second logging server

D. To encrypt log communication between devices


Questions # 8:

What statements are true regarding the "store and upload" log transfer option between FortiAnalyzer and FortiGate? (Choose three.)

Options:

A. All FortiGates can send logs to FortiAnalyzer using the store and upload option.

B. Only FortiGate models with hard disks can send logs to FortiAnalyzer using the store and upload option.

C. Both secure communications methods (SSL and IPsec) allow the store and upload option.

D. Disk logging is enabled on the FortiGate through the CLI only.

E. Disk logging is enabled by default on the FortiGate.


Questions # 9:

Which item must you configure on FortiAnalyzer to email generated reports automatically?

Options:

A. Output profile

B. Report scheduling

C. SFTP server

D. SNMP server


Questions # 10:

Which two statements are true regarding Initial Logs Sync and Log Data Sync for HA on FortiAnalyzer?

Options:

A. By default, Log Data Sync is disabled on all backup devices.

B. Log Data Sync provides real-time log synchronization to all backup devices.

C. With Initial Logs Sync, when you add a unit to an HA cluster, the primary device synchronizes its logs with the backup device.

D. When Log Data Sync is turned on, the backup device will reboot and then rebuild the log database with the synchronized logs.

