Fortinet nse5-faz-7-0 practice test

Fortinet NSE 5 - FortiAnalyzer 7.0

Last exam update: Jul 20, 2024
Page 1 out of 3. Viewing questions 1-10 out of 35

Question 1

What is the purpose of output variables?

  • A. To display details of the connectors used by a playbook
  • B. To store playbook execution statistics
  • C. To save all the task settings when a playbook is exported
  • D. To use the output of the previous task as the input of the current task
Answer:

d

Question 2

Which two statements are correct regarding the export and import of playbooks? (Choose two.)

  • A. Playbooks can be exported and imported only within the same FortiAnalyzer.
  • B. You can export only one playbook at a time.
  • C. A playbook that was disabled when it was exported will be disabled when it is imported.
  • D. You can import a playbook even if there is another one with the same name in the destination.
Answer:

ac

Question 3

Which two statements are true regarding log fetching on FortiAnalyzer? (Choose two.)

  • A. Log fetching allows the administrator to fetch analytics logs from another FortiAnalyzer for redundancy.
  • B. A FortiAnalyzer device can perform either the fetch server or client role, and it can perform two roles at the same time with the same FortiAnalyzer devices at the other end.
  • C. Log fetching can be done only on two FortiAnalyzer devices that are running the same firmware version.
  • D. Log fetching allows the administrator to run queries and reports against historical data by retrieving archived logs from one FortiAnalyzer device and sending them to another FortiAnalyzer device.
Answer:

bd

Question 4

Refer to the exhibit.

The image displays the configuration of a FortiAnalyzer the administrator wants to join to an existing HA cluster.
What can you conclude from the configuration displayed?

  • A. This FortiAnalyzer will join the existing HA cluster as the primary.
  • B. This FortiAnalyzer is configured to receive logs on its port1.
  • C. This FortiAnalyzer will trigger a failover after losing communication with its peers for 10 seconds.
  • D. After joining the cluster, this FortiAnalyzer will keep an updated log database.
Answer:

d

Question 5

Which statement is true regarding Macros on FortiAnalyzer?

  • A. Macros are predefined templates for reports and cannot be customized.
  • B. Macros are useful in generating Excel log files automatically based on the report settings.
  • C. Macros are supported only on the FortiGate ADOM.
  • D. Macros are ADOM specific and each ADOM has unique macros relevant to that ADOM.
Answer:

d

Question 6

Refer to the exhibits.


How many events will be added to the incident created after running this playbook?

  • A. No events will be added.
  • B. Ten events will be added.
  • C. Five events will be added.
  • D. Thirteen events will be added.
Answer:

d

Question 7

Which FortiAnalyzer feature allows you to use a proactive approach when managing your network security?

  • A. FortiView Monitor
  • B. Threat hunting
  • C. Incidents dashboards
  • D. Outbreak alert services
Answer:

b

Question 8

Which two statements are true regarding FortiAnalyzer operating modes? (Choose two.)

  • A. By deploying different FortiAnalyzer devices in both modes, you can improve their overall performance.
  • B. When in collector mode, FortiAnalyzer collects logs from multiple devices and forwards these logs in the original binary format.
  • C. When in collector mode, FortiAnalyzer supports event management and reporting features.
  • D. Collector mode is the default operating mode.
Answer:

bd

Question 9

Which statement correctly describes the management extensions available on FortiAnalyzer?

  • A. Management extensions do not require additional licenses.
  • B. Management extensions may require a minimum number of CPU cores to run.
  • C. Management extensions allow FortiAnalyzer to act as a FortiSIEM supervisor.
  • D. Management extensions require a dedicated VM for best performance.
Answer:

c

Question 10

Which statement is true about sending notifications with incident updates?

  • A. You can send notifications to multiple external platforms.
  • B. If you use multiple fabric connectors, all connectors must have the same notification settings.
  • C. Notifications can be sent only by email.
  • D. Notifications can be sent only when an incident is updated or deleted.
Answer:

a
