NSE5_FAZ-7.0 Online Practice Questions and Answers

Questions 4

Which log type does the FortiAnalyzer indicators of compromise feature use to identify infected hosts?

A. Antivirus logs

B. Web filter logs

C. IPS logs

D. Application control logs

Questions 5

What are analytics logs on FortiAnalyzer?

A. Log type Traffic logs.

B. Logs that roll over when the log file reaches a specific size.

C. Logs that are indexed and stored in the SQL.

D. Raw logs that are compressed and saved to a log file.

Questions 6

If the primary FortiAnalyzer in an HA cluster fails, how is the new primary elected?

A. The configured IP address is checked first.

B. The active port number is checked first.

C. The firmware version is checked first.

D. The configured priority is checked first.

Questions 7

How can you configure FortiAnalyzer to permit administrator logins from only specific locations?

A. Use static routes

B. Use administrative profiles

C. Use trusted hosts

D. Use secure protocols

Questions 8

An administrator has configured the following settings:

config system fortiview settings
    set resolve-ip enable
end

What is the significance of executing this command?

A. Use this command only if the source IP addresses are not resolved on FortiGate.

B. It resolves the source and destination IP addresses to a hostname in FortiView on FortiAnalyzer.

C. You must configure local DNS servers on FortiGate for this command to resolve IP addresses on FortiAnalyzer.

D. It resolves the destination IP address to a hostname in FortiView on FortiAnalyzer.

Questions 9

Refer to the exhibit.

Which image corresponds to the packet capture shown in the exhibit?

A. Option A

B. Option B

C. Option C

D. Option D

Questions 10

Which clause is considered mandatory in SELECT statements used by the FortiAnalyzer to generate reports?

A. FROM

B. LIMIT

C. WHERE

D. ORDER BY

Questions 11

What FortiView tool can you use to automatically build a dataset and chart based on a filtered search result?

A. Chart Builder

B. Export to Report Chart

C. Dataset Library

D. Custom View

Questions 12

Which two constraints can impact the amount of reserved disk space required by FortiAnalyzer? (Choose two.)

A. License type

B. Disk size

C. Total quota

D. RAID level

Questions 13

What is required to authorize a FortiGate on FortiAnalyzer using Fabric authorization?

A. A FortiGate ADOM

B. The FortiGate serial number

C. A pre-shared key

D. Valid FortiAnalyzer credentials

Questions 14

Which FortiAnalyzer feature allows you to retrieve the archived logs matching a specific timeframe from another FortiAnalyzer device?

A. Log upload

B. Indicators of Compromise

C. Log forwarding in aggregation mode

D. Log fetching

Questions 15

Which SQL query is in the correct order to query the database in the FortiAnalyzer?

A. SELECT devid WHERE 'user'='USER1' FROM $log GROUP BY devid

B. FROM $log WHERE 'user'='USER1' SELECT devid GROUP BY devid

C. SELECT devid FROM $log WHERE 'user'='USER1' GROUP BY devid

D. SELECT devid FROM $log GROUP BY devid WHERE 'user'='USER1'

Questions 16

Refer to the exhibit.

Laptop1 is used by several administrators to manage FortiAnalyzer. You want to configure a generic text filter that matches all login attempts to the web interface generated by any user other than "admin" and coming from Laptop1. Which filter will achieve the desired result?

A. operation~login and performed_on=="GUI(10.1.1.100)" and user!=admin

B. operation~login and srcip==10.1.1.100 and dstip==10.1.1.210 and user==admin

C. operation~login and dstip==10.1.1.210 and user!=admin

D. operation~login and performed_on=="GUI(10.1.1.210)" and user!=admin

Questions 17

If a hard disk fails on a FortiAnalyzer that supports software RAID, what should you do to bring the FortiAnalyzer back to functioning normally, without losing data?

A. Hot swap the disk

B. Replace the disk and rebuild the RAID manually

C. Take no action if the RAID level supports a failed disk

D. Shut down FortiAnalyzer and replace the disk

Questions 18

What is the purpose of the following CLI command?

A. To add a log file checksum

B. To add the MD5 hash value and authentication code

C. To add a unique tag to each log to prove that it came from this FortiAnalyzer

D. To encrypt log communications

Exam Code: NSE5_FAZ-7.0
Exam Name: Fortinet NSE 5 - FortiAnalyzer 7.0
Last Update: Apr 29, 2024
Questions: 114 Q&As
