Fortinet nse5-faz-6-4 practice test

Fortinet NSE 5 - FortiAnalyzer 6.4 Exam

Last exam update: May 17, 2024
Page 1 out of 7. Viewing questions 1-15 out of 94

Question 1

What does the disk status Degraded mean for RAID management?

  • A. One or more drives are missing from the FortiAnalyzer unit. The drive is no longer available to the operating system.
  • B. The FortiAnalyzer device is writing to all the hard drives on the device in order to make the array fault tolerant.
  • C. The FortiAnalyzer device is writing data to a newly added hard drive in order to restore the hard drive to an optimal state.
  • D. The hard drive is no longer being used by the RAID controller.
Answer:

D


Question 2

Which two statements are true regarding fabric connectors? (Choose two.)

  • A. Configuring fabric connectors to send notifications to an ITSM platform upon incident creation is more efficient than third-party information from the FortiAnalyzer API.
  • B. Fabric connectors allow you to save storage costs and improve redundancy.
  • C. Storage connector service does not require a separate license to send logs to a cloud platform.
  • D. Cloud-Out connections allow you to send real-time logs to public cloud accounts like Amazon S3, Azure Blob, and Google Cloud.
Answer:

A, D


Question 3

Which two statements are true regarding Initial Logs Sync and Log Data Sync for HA on FortiAnalyzer?

  • A. By default, Log Data Sync is disabled on all backup devices.
  • B. Log Data Sync provides real-time log synchronization to all backup devices.
  • C. With Initial Logs Sync, when you add a unit to an HA cluster, the primary device synchronizes its logs with the backup device.
  • D. When Log Data Sync is turned on, the backup device will reboot and then rebuild the log database with the synchronized logs.
Answer:

C, D


Question 4

Refer to the exhibit.

What is the purpose of using the Chart Builder feature on FortiAnalyzer?

  • A. In Log View, this feature allows you to build a dataset and chart automatically, based on the filtered search results.
  • B. In Log View, this feature allows you to build a chart and chart automatically, on the top 100 log entries.
  • C. This feature allows you to build a chart under FortiView.
  • D. You can add charts to generated reports using this feature.
Answer:

A


Question 5

What is Log Insert Lag Time on FortiAnalyzer?

  • A. The number of times in the logs where end users experienced slowness while accessing resources.
  • B. The amount of lag time that occurs when the administrator is rebuilding the ADOM database.
  • C. The amount of time that passes between the time a log was received and when it was indexed on FortiAnalyzer.
  • D. The amount of time FortiAnalyzer takes to receive logs from a registered device.
Answer:

C


Question 6

What are analytics logs on FortiAnalyzer?

  • A. Log type Traffic logs.
  • B. Logs that roll over when the log file reaches a specific size.
  • C. Logs that are indexed and stored in the SQL.
  • D. Raw logs that are compressed and saved to a log file.
Answer:

C


Question 7

Which two statements express the advantages of grouping similar reports? (Choose two.)

  • A. Improve report completion time.
  • B. Conserve disk space on FortiAnalyzer by grouping multiple similar reports.
  • C. Reduce the number of hcache tables and improve auto-hcache completion time.
  • D. Provides a better summary of reports.
Answer:

A, C


Question 8

An administrator, fortinet, is able to view logs and perform device management tasks, such as adding and removing registered devices. However, administrator fortinet is not able to create a mail server that can be used to send email.
What could be the problem?

  • A. Fortinet is assigned the Standard_User administrator profile.
  • B. A trusted host is configured.
  • C. ADOM mode is configured with Advanced mode.
  • D. Fortinet is assigned the Restricted_User administrator profile.
Answer:

A


Question 9

What can you do on FortiAnalyzer to restrict administrative access from specific locations?

  • A. Configure trusted hosts for that administrator.
  • B. Enable geo-location services on accessible interface.
  • C. Configure two-factor authentication with a remote RADIUS server.
  • D. Configure an ADOM for respective location.
Answer:

A


Explanation:
Reference:
https://docs.fortinet.com/document/fortigate/6.2.0/hardening-your-fortigate/582009/system-administrator-best-practices


Question 10

In Log View, you can use the Chart Builder feature to build a dataset and chart based on the filtered search results.
Similarly, which feature can you use for FortiView?

  • A. Export to Report Chart
  • B. Export to PDF
  • C. Export to Chart Builder
  • D. Export to Custom Chart
Answer:

A


Explanation:
Reference:
https://community.fortinet.com/t5/FortiAnalyzer/Creating-a-Custom-report-from-FortiView-Export-to-Report-Chart/ta-p/190154?externalID=FD40483


Question 11

What two things should an administrator do to view Compromised Hosts on FortiAnalyzer? (Choose two.)

  • A. Enable web filtering in firewall policies on FortiGate devices, and make sure these logs are sent to FortiAnalyzer.
  • B. Enable device detection on an interface on the FortiGate devices that are connected to the FortiAnalyzer.
  • C. Subscribe FortiAnalyzer to FortiGuard to keep its local threat database up-to-date.
  • D. Make sure all endpoints are reachable by FortiAnalyzer.
Answer:

BC


Explanation:
Reference:
https://docs.fortinet.com/document/fortianalyzer/6.4.0/administration-guide/137635/viewing-compromised-hosts


Question 12

An administrator has moved FortiGate A from the root ADOM to ADOM1.
Which two statements are true regarding logs? (Choose two.)

  • A. Analytics logs will be moved to ADOM1 from the root ADOM automatically.
  • B. Archived logs will be moved to ADOM1 from the root ADOM automatically.
  • C. Logs will be presented in both ADOMs immediately after the move.
  • D. Analytics logs will be moved to ADOM1 from the root ADOM after you rebuild the ADOM1 SQL database.
Answer:

B, D


Explanation:
Reference:
https://community.fortinet.com/t5/Fortinet-Forum/FW-Migration-between-ADOMs/m-p/32683?m=158008


Question 13

Which two statements are true regarding high availability (HA) on FortiAnalyzer? (Choose two.)

  • A. FortiAnalyzer HA can function without VRRP, and VRRP is required only if you have more than two FortiAnalyzer devices in a cluster.
  • B. FortiAnalyzer HA supports synchronization of logs as well as some system and configuration settings.
  • C. All devices in a FortiAnalyzer HA cluster must run in the same operation mode: analyzer or collector.
  • D. FortiAnalyzer HA implementation is supported by many public cloud infrastructures such as AWS, Microsoft Azure, and Google Cloud.
Answer:

BC


Explanation:
Reference:
https://help.fortinet.com/fa/faz50hlp/60/6-0-2/Content/FMG-FAZ/4600_HA/0000_HA.htm?TocPath=High%20Availability%7C_____0


Question 14

Refer to the exhibit.

Which two statements are true regarding enabling auto-cache on FortiAnalyzer? (Choose two.)

  • A. Report size will be optimized to conserve disk space on FortiAnalyzer.
  • B. Reports will be cached in the memory.
  • C. This feature is automatically enabled for scheduled reports.
  • D. Enabling auto-cache reduces report generation time for reports that require a long time to assemble datasets.
Answer:

C, D


Explanation:
Reference:
https://help.fortinet.com/fa/faz50hlp/56/5-6-2/FMG-FAZ/2300_Reports/0025_Auto-cache.htm


Question 15

The admin administrator is failing to register a FortiClient EMS on the FortiAnalyzer device.
What can be the reason for this failure?

  • A. FortiAnalyzer is in an HA cluster.
  • B. ADOM mode should be set to advanced, in order to register the FortiClient EMS device.
  • C. ADOMs are not enabled on FortiAnalyzer.
  • D. A separate license is required on FortiAnalyzer in order to register the FortiClient EMS device.
Answer:

C


Explanation:
Reference:
https://help.fortinet.com/fa/faz50hlp/56/5-6-2/FMG-FAZ/0800_ADOMs/0015_FortiClient%20and%20ADOMs.htm
