Black Friday Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmas50

Fortinet NSE5_FAZ-7.2 - Fortinet NSE 5 - FortiAnalyzer 7.2

Page: 2 / 5
Total 137 questions

Logs are being deleted from one of the ADOMs earlier than the configured setting for archiving in the data

policy.

What is the most likely problem?

A.

CPU resources are too high

B.

Logs in that ADOM are being forwarded, in real-time, to another FortiAnalyzer device

C.

The total disk space is insufficient and you need to add other disk

D.

The ADOM disk quota is set too low, based on log rates

Which two actions should an administrator take to view Compromised Hosts on FortiAnalyzer? (Choose two.)

A.

Enable web filtering in firewall policies on FortiGate devices, and make sure these logs are sent to FortiAnalyzer.

B.

Make sure all endpoints are reachable by FortiAnalyzer.

C.

Enable device detection on an interface on the FortiGate devices that are connected to the FortiAnalyzer device.

D.

Subscribe FortiAnalyzer to FortiGuard to keep its local threat database up to date.

If the primary FortiAnalyzer in an HA cluster fails, how is the new primary elected?

A.

The configured IP address is checked first.

B.

The active port number is checked first.

C.

The firmware version is checked first.

D.

The configured priority is checked first

What is the purpose of trigger variables?

A.

To display statistics about the playbook runtime

B.

To use information from the trigger to filter the action in a task

C.

To provide the trigger information to make the playbook start running

D.

To store the start times of playbooks with On_Schedule triggers

Which daemon is responsible for enforcing the log file size?

A.

sqlplugind

B.

logfiled

C.

miglogd

D.

ofrpd

How can you attach a report to an incident?

A.

By attaching it to an event handler alert

B.

By editing the settings of the desired report

C.

From the properties of an existing incident

D.

Saving it in JSON format, and then importing it

Which statement about the FortiSOAR management extension is correct?

A.

It requires a FortiManager configured to manage FortiGate

B.

It requires a dedicated FortiSOAR device or VM.

C.

It does not include a limited trial by default.

D.

It runs as a docker container on FortiAnalyzer

FortiAnalyzer reports are dropping analytical data from 15 days ago, even though the data policy setting for

analytics logs is 60 days.

What is the most likely problem?

A.

Quota enforcement is acting on analytical data before a report is complete

B.

Logs are rolling before the report is run

C.

CPU resources are too high

D.

Disk utilization for archive logs is set for 15 days

What are analytics logs on FortiAnalyzer?

A.

Log type Traffic logs.

B.

Logs that roll over when the log file reaches a specific size.

C.

Logs that are indexed and stored in the SQL.

D.

Raw logs that are compressed and saved to a log file.

Which FortiAnalyzer feature allows you to retrieve the archived logs matching a specific timeframe from

another FortiAnalyzer device?

A.

Log upload

B.

Indicators of Compromise

C.

Log forwarding an aggregation mode

D.

Log fetching