NSE5_FAZ-7.0 Online Practice Questions and Answers

What is the purpose of employing RAID with FortiAnalyzer?

A. To introduce redundancy to your log data

B. To provide data separation between ADOMs

C. To separate analytical and archive data

D. To back up your logs

A rogue administrator was accessing FortiAnalyzer without permission, and you are tasked to see what activity was performed by that rogue administrator on FortiAnalyzer. What can you do on FortiAnalyzer to accomplish this?

A. Click FortiView and generate a report for that administrator.

B. Click Task Monitor and view the tasks performed by that administrator.

C. Click Log View and generate a report for that administrator.

D. View the tasks performed by the rogue administrator in Fabric View.

Which statement is true when you are upgrading the firmware on an HA cluster made up of two FortiAnalyzer devices?

A. First, upgrade the secondary device, and then upgrade the primary device.

B. Both FortiAnalyzer devices will be upgraded at the same time.

C. You can enable uninterruptible-upgrade so that the normal FortiAnalyzer operations are not interrupted while the cluster firmware upgrades.

D. You can perform the firmware upgrade using only a console connection.

You have recently grouped multiple FortiGate devices into a single ADOM. System Settings > Storage Info shows the quota used. What does the disk quota refer to?

A. The maximum disk utilization for each device in the ADOM

B. The maximum disk utilization for the FortiAnalyzer model

C. The maximum disk utilization for the ADOM type

D. The maximum disk utilization for all devices in the ADOM

An administrator has configured the following settings:

config system global set log-checksum md5-auth end

What is the significance of executing this command?

A. This command records the log file MD5 hash value.

B. This command records passwords in log files and encrypts them.

C. This command encrypts log transfer between FortiAnalyzer and other devices.

D. This command records the log file MD5 hash value and authentication code.

Which two methods are the most common methods to control and restrict administrative access on FortiAnalyzer? (Choose two.)

A. Virtual domains

B. Administrative access profiles

C. Trusted hosts

D. Security Fabric

How do you restrict an administrator's access to a subset of your organization's ADOMs?

A. Set the ADOM mode to Advanced

B. Assign the ADOMs to the administrator's account

C. Configure trusted hosts

D. Assign the default Super_User administrator profile

Which two elements are contained in a system backup created on FortiAnalyzer? (Choose two.)

A. System information

B. Logs from registered devices

C. Report information

D. Database snapshot

Which two statements are correct regarding the export and import of playbooks? (Choose two.)

A. Playbooks can be exported and imported only within the same FortiAnalyzer.

B. You can export only one playbook at a time.

C. A playbook that was disabled when it was exported, will be disabled when it is imported.

D. You can import a playbook even if there is another one with the same name in the destination.

What is the purpose of the following CLI command?

A. To add a log file checksum

B. To add the MD's hash value and authentication code

C. To add a unique tag to each log to prove that it came from this FortiAnalyzer

D. To encrypt log communications