Which two settings must you configure on FortiAnalyzer to allow non-local administrators to authenticate to FortiAnalyzer with any user account in a single LDAP group? (Choose two.)
A. A local wildcard administrator account
B. A remote LDAP server
C. A trusted host profile that restricts access to the LDAP group
D. An administrator group
What purposes does the auto-cache setting on reports serve? (Choose two.)
A. To reduce report generation time
B. To automatically update the hcache when new logs arrive
C. To reduce the log insert lag rate
D. To provide diagnostics on report generation time
In order for FortiAnalyzer to collect logs from a FortiGate device, what configuration is required? (Choose two.)
A. Remote logging must be enabled on FortiGate
B. Log encryption must be enabled
C. ADOMs must be enabled
D. FortiGate must be registered with FortiAnalyzer
What is Log Insert Lag Time on FortiAnalyzer?
A. The number of times in the logs where end users experienced slowness while accessing resources.
B. The amount of lag time that occurs when the administrator is rebuilding the ADOM database.
C. The amount of time that passes between the time a log was received and when it was indexed on FortiAnalyzer.
D. The amount of time FortiAnalyzer takes to receive logs from a registered device
Which statement correctly describes the management extensions available on FortiAnalyzer?
A. Management extensions do not require additional licenses.
B. Management extensions may require a minimum number of CPU cores to run.
C. Management extensions allow FortiAnalyzer to act as a FortiSIEM supervisor.
D. Management extensions require a dedicated VM for best performance.
What statements are true regarding FortiAnalyzer's treatment of high availability (HA) clusters? (Choose two.)
A. FortiAnalyzer distinguishes different devices by their serial number.
B. FortiAnalyzer receives logs from all devices in a cluster.
C. FortiAnalyzer receives logs only from the primary device in the cluster.
D. FortiAnalyzer only needs to know the serial number of the primary device in the cluster; it automatically discovers the other devices.
For proper log correlation between the logging devices and FortiAnalyzer, FortiAnalyzer and all registered devices should:
A. Use DNS
B. Use host name resolution
C. Use real-time forwarding
D. Use an NTP server
Which FortiAnalyzer feature allows you to retrieve the archived logs matching a specific timeframe from another FortiAnalyzer device?
A. Log upload
B. Indicators of Compromise
C. Log forwarding in aggregation mode
D. Log fetching
Which two statements are true regarding log fetching on FortiAnalyzer? (Choose two.)
A. Log fetching allows the administrator to fetch analytics logs from another FortiAnalyzer for redundancy.
B. A FortiAnalyzer device can perform either the fetch server or client role, and it can perform two roles at the same time with the same FortiAnalyzer devices at the other end.
C. Log fetching can be done only on two FortiAnalyzer devices that are running the same firmware version.
D. Log fetching allows the administrator to run queries and reports against historical data by retrieving archived logs from one FortiAnalyzer device and sending them to another FortiAnalyzer device.
What is the purpose of the following CLI command?
A. To add a log file checksum
B. To add the MD5 hash value and authentication code
C. To add a unique tag to each log to prove that it came from this FortiAnalyzer
D. To encrypt log communications