Fortinet NSE5-FAZ-7-0 Exam Questions
Questions for the NSE5-FAZ-7-0 were updated on : Jul 20 ,2024
Page 1 out of 4. Viewing questions 1-10 out of 35
Question 1
A playbook contains five tasks in total. An administrator executed the playbook and four out of five tasks finished successfully, but one task failed.
What will be the status of the playbook after its execution?
- A. Failed
- B. Success
- C. Upstream_failed
- D. Running
Answer:
b
Question 2
An administrator, fortinet, is able to view logs and perform device management tasks, such as adding and removing registered devices. However, administrator fortinet is not able to create a mail server that can be used to send alert emails.
What can be the problem?
- A. fortinet is assigned the Standard_User administrative profile.
- B. A trusted host is configured.
- C. ADOM mode is configured with Advanced mode.
- D. fortinet is assigned the Restricted_User administrative profile.
Answer:
d
Question 3
What are offline logs on FortiAnalyzer?
- A. Logs that are collected from offline devices after they boot up
- B. Compressed logs, also known as archive logs, are considered to be offline logs
- C. Logs that are indexed and stored in the SQL database
- D. When you restart FortiAnalyzer, all stored logs are considered to be offline logs
Answer:
d
Question 4
After you have moved a registered logging device out of one ADOM and into a new ADOM. what is the purpose of running the following CLI command? execute sql-local rebuild-adom <new-ADOM-name>
- A. To reset the disk quota enforcement to default
- B. To migrate the archive logs to the new ADOM
- C. To remove the analytics logs of the device from the old database
- D. To populate the new ADOM with analytical logs for the moved device, so you can run reports
Answer:
d
Question 5
Which SQL query is in the correct order to query the database in the FortiAnalyzer?
- A. SELECT devid WHERE 'user'='USER1' FROM $log GROUP BY devid
- B. FROM $log WHERE 'user'='USER1' SELECT devid GROUP BY devid
- C. SELECT devid FROM $log WHERE 'user'='USER1' GROUP BY devid
- D. SELECT devid FROM $log GROUP BY devid WHERE 'user'='USER1'
Answer:
c
Question 6
A rogue administrator was accessing FortiAnalyzer without permission, and you are tasked to see what activity was performed by that rogue administrator on FortiAnalyzer.
What can you do on FortiAnalyzer to accomplish this?
- A. Click Task Monitor and view the tasks performed by that administrator.
- B. Click Fabric View and view the tasks performed by the rogue administrator.
- C. Click Log View and generate a report for that administrator.
- D. Click FortiView and generate a report for that administrator.
Answer:
c
Question 7
Which two statements are true regarding ADOM modes? (Choose two.)
- A. You can change ADOM modes only through the CLI.
- B. In normal mode, the disk quota of the ADOM is fixed and cannot be modified, but in advanced mode, the disk quota of the ADOM is flexible.
- C. In an advanced mode ADOM, you can assign FortiGate VDOMs from a single FortiGate device to multiple FortiAnalyzer ADOMs.
- D. Normal mode is the default ADOM mode.
Answer:
ad
Question 8
Refer to the exhibit.
Which statement is correct regarding the event displayed?
- A. An incident was created from this event.
- B. The security risk was blocked or dropped.
- C. The security event risk is considered open.
- D. The risk source is isolated.
Answer:
c
Question 9
If the primary FortiAnalyzer in an HA cluster fails, how is the new primary elected?
- A. The firmware version is checked first.
- B. The active port number is checked first.
- C. The configured IP address is checked first.
- D. The configured priority is checked first.
Answer:
d
Question 10
What is the best approach to handle a hard disk failure on a FortiAnalyzer that supports hardware RAID?
- A. Hot swap the disk.
- B. There is no need to do anything because the disk will self-recover.
- C. Shut down FortiAnalyzer and replace the disk.
- D. Run execute format disk to format and restart the FortiAnalyzer device.
Answer:
c