Download the Latest NSE5_FAZ-7.0 Dumps - 2023 NSE5_FAZ-7.0 Exam Questions

Latest Fortinet NSE5_FAZ-7.0 Certification Practice Test Questions

Fortinet NSE5_FAZ-7.0 Exam Syllabus Topics:

Topic	Details
Topic 1	Configure high availability (HA) Troubleshoot and manage logs
Topic 2	System configuration Protect log data Manage incidents
Topic 3	Configure administrative domains (ADOMs) Create and manage playbooks
Topic 4	Troubleshoot device communication issues Configure administrative access
Topic 5	Customize and generate reports Device registration and communication

 

NEW QUESTION 25
For which two purposes would you use the command set log checksum? (Choose two.)

• A. To help protect against man-in-the-middle attacks during log upload from FortiAnalyzer to an SFTP server
• B. To send an identical set of logs to a second logging server
• C. To prevent log modification or tampering
• D. To encrypt log communications

Answer: A,C

Explanation:
To prevent logs from being tampered with while in storage, you can add a log checksum using the config system global command. You can configure FortiAnalyzer to record a log file hash value, timestamp, and authentication code when the log is rolled and archived and when the log is uploaded (if that feature is enabled). This can also help against man-in-the-middle only for the transmission from FortiAnalyzer to an SSH File Transfer Protocol (SFTP) server during log upload.
FortiAnalyzer_7.0_Study_Guide-Online page 149

 

NEW QUESTION 26
What must you configure on FortiAnalyzer to upload a FortiAnalyzer report to a supported external server?
(Choose two.)

• A. SFTP, FTP, or SCP server
• B. Mail server
• C. Report scheduling
• D. Output profile

Answer: B,D

Explanation:
https://docs.fortinet.com/document/fortianalyzer/6.0.2/administration-guide/598322/creating-output-profiles

 

NEW QUESTION 27
Refer to the exhibit.

The image displays the configuration of a FortiAnalyzer the administrator wants to join to an existing HA cluster.
What can you conclude from the configuration displayed?

• A. This FortiAnalyzer is configured to receive logs in its port1.
• B. This FortiAnalyzer will trigger a failover after losing communication with its peers for 10 seconds.
• C. After joining to the cluster, this FortiAnalyzer will keep an updated log database.
• D. This FortiAnalyzer will join to the existing HA cluster as the primary.

Answer: A

Explanation:
"If the preferred role is Primary, then this unit becomes the primary unit if it is configured first in a new HA cluster. If there is an existing primary unit, then this unit becomes a secondary unit." (https://docs.fortinet.com/document/fortianalyzer/7.0.5/administration-guide/275104)

 

NEW QUESTION 28
Which two statements are true regarding fabric connectors? (Choose two.)

• A. Fabric connectors allow to save storage costs and improve redundancy.
• B. Cloud-Out connections allow you to send real-time logs to pubic cloud accounts like Amazon S3, Azure Blob , and Google Cloud.
• C. Storage connector service does not require a separate license to send logs to cloud platform.
• D. Configuring fabric connectors to send notification to ITSM platform upon incident creation Is more efficient than third-party information from the FortiAnalyzer API.

Answer: B,D

 

NEW QUESTION 29
What are the operating modes of FortiAnalyzer? (Choose two)

• A. Analyzer
• B. Collector
• C. Manager
• D. Standalone

Answer: A,B

 

NEW QUESTION 30
What are two of the key features of FortiAnalyzer? (Choose two.)

• A. Cloud-based management
• B. Centralized log repository
• C. Virtual domains (VDOMs)
• D. Reports

Answer: B,D

 

NEW QUESTION 31
FortiAnalyzer reports are dropping analytical data from 15 days ago, even though the data policy setting for analytics logs is 60 days.
What is the most likely problem?

• A. Quota enforcement is acting on analytical data before a report is complete
• B. Disk utilization for archive logs is set for 15 days
• C. Logs are rolling before the report is run
• D. CPU resources are too high

Answer: C

 

NEW QUESTION 32
What happens when a log file saved on FortiAnalyzer disks reaches the size specified in the device log settings?

• A. The log file is overwritten.
• B. The log file is stored as a raw log and is available for analytic support.
• C. The log file rolls over and is archived.
• D. The log file is purged from the database.

Answer: C

Explanation:
Reference:
81a4-00505692583a/FortiAnalyzer-6.0.5-Administration-Guide.pdf
https://docs.fortinet.com/document/fortianalyzer/6.2.5/administration-guide/355632/log-browse

 

NEW QUESTION 33
Refer to the exhibit.

The exhibit shows "remoteservergroup" is an authentication server group with LDAP and RADIUS servers.
Which two statements express the significance of enabling "Match all users on remote server" when configuring a new administrator? (Choose two.)

• A. Administrator can log in to FortiAnalyzer using their credentials on remote servers LDAP and RADIUS.
• B. It creates a wildcard administrator using LDAP and RADIUS servers.
• C. Use remoteadmin from LDAP and RADIUS servers will be able to log in to FortiAnalyzer at anytime.
• D. It allows administrators to use two-factor authentication.

Answer: A,B

 

NEW QUESTION 34
For which two SAML roles can the FortiAnalyzer be configured? (Choose two.)

• A. Service provider
• B. Identity collector
• C. Principal
• D. Identity provider

Answer: A,D

Explanation:
Reference:
20the%20identity%20provider%20(IdP,external%20identity%20provider%20is%20available.
https://docs.fortinet.com/document/fortianalyzer/6.2.0/administration-guide/981386/saml-admin-authentication In FortiAnalyzer, SAML can be enabled across all Security Fabric devices, enabling smooth movement between devices for the administrator by means of single sign-on (SSO).
FortiAnalyzer can play the role of the identity provider (IdP), the service provider (SP), or Fabric SP, when an external identity provider is available.
FortiAnalyzer_7.0_Study_Guide-Online pag. 48

 

NEW QUESTION 35
What is the purpose of output variables?

• A. To use the output of the previous task as the input of the current task
• B. To display details of the connectors used by a playbook
• C. To save all the task settings when a playbook is exported
• D. To store playbook execution statistics

Answer: D

 

NEW QUESTION 36
Which two methods can you use to send event notifications when an event occurs that matches a configured event handler? (Choose two.)

• A. Email
• B. IM
• C. SNMP
• D. SMS

Answer: A,C

Explanation:
Reference:
FortiAnalyzer_Admin_Guide/1800_Events/0200_Event_handlers/0600_Create_event_handlers.htm

 

NEW QUESTION 37
Which two statements are true regarding ADOM modes? (Choose two.)

• A. In an advanced mode ADOM. you can assign FortiGate VDOMs from a single FortiGate device to multiple FortiAnalyzer ADOMs.
• B. Normal mode is the default ADOM mode.
• C. In normal mode, the disk quota of the ADOM is fixed and cannot be modified, but in advance mode, the disk quota of the ADOM is flexible because new devices are added to the ADOM.
• D. You can only change ADOM modes through CLI.

Answer: A,B

 

NEW QUESTION 38
What is the purpose of output variables?

• A. To use the output of the previous task as the input of the current task
• B. To display details of the connectors used by a playbook
• C. To store playbook execution statistics
• D. To save all the task settings when a playbook is exported

Answer: A

Explanation:
FortiAnalyzer_7.0_Study_Guide-Online.pdf page 242: Output variables allow you to use the output from a preceding task as an input to the current task.
"Output variables allow you to use the output from a preceding task as an input to the current task." FortiAnalyzer_7.0_Study_Guide-Online page 242

 

NEW QUESTION 39
When you perform a system backup, what does the backup configuration contain? (Choose two.)

• A. System information
• B. Device list
• C. Generated reports
• D. Authorized devices logs

Answer: A,B

Explanation:
https://help.fortinet.com/fa/cli-olh/5-6-5/Content/Document/1400_execute/backup.htm

 

NEW QUESTION 40
Refer to the exhibit.

What is the purpose of using the Chart Builder feature on FortiAnalyzer?

• A. In Log View, this feature allows you to build a chart and chart automatically, on the top 100 log entries.
• B. This feature allows you to build a chart under FortiView.
• C. In Log View, this feature allows you to build a dataset and chart automatically, based on the filtered search results.
• D. You can add charts to generated reports using this feature.

Answer: C

 

NEW QUESTION 41
Which statement correctly describes the management extensions available on FortiAnalyzer?

• A. Management extensions allow FortiAnalyzer to act as a ForbSIEM supervisor.
• B. Management extensions require a dedicated VM for best performance.
• C. Management extensions do not require additional licenses.
• D. Management extensions may require a minimum number of CPU cores to run.

Answer: C

 

NEW QUESTION 42
......

Verified NSE5_FAZ-7.0 Dumps Q&As - 1 Year Free & Quickly Updates: https://www.examstorrent.com/NSE5_FAZ-7.0-exam-dumps-torrent.html

Get 2023 Updated Free Fortinet NSE5_FAZ-7.0 Exam Questions and Answer: https://drive.google.com/open?id=12Ac1vFLyc75c_E8yAzCVB7vZohPDXx61