Pass the Fortinet NSE 5 Network Security Analyst NSE5_FAZ-7.2 Questions and answers with CertsForce

Viewing page 2 out of 5 pages
Viewing questions 11-20 out of questions
Questions # 11:

Which two elements are contained in a system backup created on FortiAnalyzer? (Choose two.)

Options:

A. System information
B. Logs from registered devices
C. Report information
D. Database snapshot


Questions # 12:

Refer to the exhibit.


Which statement is correct regarding the event displayed?

Options:

A. The security risk was blocked or dropped.
B. The security event risk is considered open.
C. An incident was created from this event.
D. The risk source is isolated.


Questions # 13:

An administrator has configured the following settings:

config system global
    set log-checksum md5-auth
end

What is the significance of executing this command?

Options:

A. This command records the log file MD5 hash value.
B. This command records passwords in log files and encrypts them.
C. This command encrypts log transfer between FortiAnalyzer and other devices.
D. This command records the log file MD5 hash value and authentication code.


Questions # 14:

Refer to the exhibit.


Which image corresponds to the packet capture shown in the exhibit?

A) [image]

B) [image]

C) [image]

D) [image]

Options:

A. Option A
B. Option B
C. Option C
D. Option D


Questions # 15:

For which two SAML roles can the FortiAnalyzer be configured? (Choose two.)

Options:

A. Principal
B. Service provider
C. Identity collector
D. Identity provider


Questions # 16:

Refer to the exhibit.


Laptop1 is used by several administrators to manage FortiAnalyzer. You want to configure a generic text filter that matches all login attempts to the web interface generated by any user other than "admin" and coming from Laptop1.

Which filter will achieve the desired result?

Options:

A. operation-login & performed_on=="GUI(10.1.1.100)" & user!=admin
B. operation-login & srcip==10.1.1.100 & dstip==10.1.1.210 & user==admin
C. operation-login & dstip==10.1.1.210 & userl-admin
D. operation-login & performed_on=="GUI(10.1.1.210)' & user!=admin


Questions # 17:

What are two advantages of setting up fabric ADOM? (Choose two.)

Options:

A. It can be used for fast data processing and log correlation
B. It can be used to facilitate communication between devices in same Security Fabric
C. It can include all Fortinet devices that are part of the same Security Fabric
D. It can include only FortiGate devices that are part of the same Security Fabric


Questions # 18:

Refer to the exhibit.


Based on the partial outputs displayed, which devices can be members of a FortiAnalyzer Fabric?

Options:

A. FortiAnalyzer1 and FortiAnalyzer3
B. FortiAnalyzer1 and FortiAnalyzer2
C. All devices listed can be members
D. FortiAnalyzer2 and FortiAnalyzer3


Questions # 19:

Which daemon is responsible for enforcing raw log file size?

Options:

A. logfiled
B. oftpd
C. sqlplugind
D. miglogd


Questions # 20:

Which two statements are correct regarding the export and import of playbooks? (Choose two.)

Options:

A. You can export only one playbook at a time.
B. You can import a playbook even if there is another one with the same name in the destination.
C. Playbooks can be exported and imported only within the same FortiAnalyzer.
D. A playbook that was disabled when it was exported, will be disabled when it is imported.

