How Many Questions Of NSE5_FAZ-6.4 Exams

NEW QUESTION 1
View the exhibit.

Why is the total quota less than the total system storage?

• A. 3.6% of the system storage is already being used.
• B. Some space is reserved for system use, such as storage of compression files, upload files, and temporary report files
• C. The oftpd process has not archived the logs yet
• D. The logfiled process is just estimating the total quota

Answer: B

Explanation:
https://docs.fortinet.com/document/fortianalyzer/6.2.5/administration-guide/368682/disk-space-allocation

NEW QUESTION 2
An administrator has configured the following settings:
config system global
set log-checksum md5-auth
end
What is the significance of executing this command?

• A. This command records the log file MD5 hash value.
• B. This command records passwords in log files and encrypts them.
• C. This command encrypts log transfer between FortiAnalyzer and other devices.
• D. This command records the log file MD5 hash value and authentication code.

Answer: D

NEW QUESTION 3
In FortiAnalyzer’s FormView, source and destination IP addresses from FortiGate devices are not resolving to a hostname. How can you resolve the source and destination IPs, without introducing any additional performance impact to FortiAnalyzer?

• A. Configure local DNS servers on FortiAnalyzer
• B. Resolve IPs on FortiGate
• C. Configure # set resolve-ip enable in the system FortiView settings
• D. Resolve IPs on a per-ADOM basis to reduce delay on FortiView while IPs resolve

Answer: B

NEW QUESTION 4
What statements are true regarding disk log quota? (Choose two)

• A. The FortiAnalyzer stops logging once the disk log quota is met.
• B. The FortiAnalyzer automatically sets the disk log quota based on the device.
• C. The FortiAnalyzer can overwrite the oldest logs or stop logging once the disk log quota is met.
• D. The FortiAnalyzer disk log quota is configurable, but has a minimum o 100mb a maximum based on the reserved system space.

Answer: CD

NEW QUESTION 5
How can you configure FortiAnalyzer to permit administrator logins from only specific locations?

• A. Use static routes
• B. Use administrative profiles
• C. Use trusted hosts
• D. Use secure protocols

Answer: C

Explanation:
https://docs.fortinet.com/document/fortianalyzer/6.2.5/administration-guide/186508/trusted-hosts

NEW QUESTION 6
Which two statements are true regarding FortiAnalyzer log forwarding? (Choose two.)

• A. In aggregation mode, you can forward logs to syslog and CEF servers as well.
• B. Forwarding mode forwards logs in real time only to other FortiAnalyzer devices.
• C. Aggregation mode stores logs and content files and uploads them to another FortiAnalyzer device at a scheduled time.
• D. Both modes, forwarding and aggregation, support encryption of logs between devices.

Answer: CD

NEW QUESTION 7
What are two of the key features of FortiAnalyzer? (Choose two.)

• A. Centralized log repository
• B. Cloud-based management
• C. Reports
• D. Virtual domains (VDOMs)

Answer: AC

NEW QUESTION 8
You are using RAID with a FortiAnalyzer that supports software RAID, and one of the hard disks on FortiAnalyzer has failed.
What is the recommended method to replace the disk?

• A. Shut down FortiAnalyzer and then replace the disk
• B. Downgrade your RAID level, replace the disk, and then upgrade your RAID level
• C. Clear all RAID alarms and replace the disk while FortiAnalyzer is still running
• D. Perform a hot swap

Answer: A

Explanation:

https://community.fortinet.com/t5/FortiAnalyzer/Technical-Note-How-to-swap-Hard-Disk-on-FortiAnalyzer/ta-

NEW QUESTION 9
Which two statements are true regarding high availability (HA) on FortiAnalyzer? (Choose two.)

• A. FortiAnalyzer HA can function without VRR
• B. and VRRP is required only if you have more than two FortiAnalyzer devices in a cluster.
• C. FortiAnalyzer HA supports synchronization of logs as well as some system and configuration settings.
• D. All devices in a FortiAnalyzer HA cluster must run in the same operation mode: analyzer or collector.
• E. FortiAnalyzer HA implementation is supported by many public cloud infrastructures such as AWS, Microsoft Azure, and Google Cloud.

Answer: BC

NEW QUESTION 10
In the FortiAnalyzer FortiView, source and destination IP addresses from FortiGate devices are not resolving to a hostname.
How can you resolve the source and destination IP addresses, without introducing any additional performance impact to FortiAnalyzer?

• A. Resolve IP addresses on a per-ADOM basis to reduce delay on FortiView while IPs resolve
• B. Configure # set resolve-ip enable in the system FortiView settings
• C. Configure local DNS servers on FortiAnalyzer
• D. Resolve IP addresses on FortiGate

Answer: D

Explanation:
https://packetplant.com/fortigate-and-fortianalyzer-resolve-source-and-destination-ip/
“As a best practice, it is recommended to resolve IPs on the FortiGate end. This is because you get both
source and destination, and it offloads the work from FortiAnalyzer. On FortiAnalyzer, this IP resolution does destination IPs only”

NEW QUESTION 11
In Log View, you can use the Chart Builder feature to build a dataset and chart based on the filtered search results.
Similarly, which feature you can use for FortiView?

• A. Export to Report Chart
• B. Export to PDF
• C. Export to Chart Builder
• D. Export to Custom Chart

Answer: A

NEW QUESTION 12
Which FortiAnalyzer feature allows you to retrieve the archived logs matching a specific timeframe from another FortiAnalyzer device?

• A. Log upload
• B. Indicators of Compromise
• C. Log forwarding an aggregation mode
• D. Log fetching

Answer: D

Explanation:
https://docs.fortinet.com/document/fortianalyzer/6.2.0/administration-guide/651442/fetcher-management

NEW QUESTION 13
After you have moved a registered logging device out of one ADOM and into a new ADOM, what is the purpose of running the following CLI command?
execute sql-local rebuild-adom <new-ADOM-name>

• A. To reset the disk quota enforcement to default
• B. To remove the analytics logs of the device from the old database
• C. To migrate the archive logs to the new ADOM
• D. To populate the new ADOM with analytical logs for the moved device, so you can run reports

Answer: D

Explanation:

NEW QUESTION 14
What is the purpose of a predefined template on the FortiAnalyzer?

• A. It can be edited and modified as required
• B. It specifies the report layout which contains predefined texts, charts, and macros
• C. It specifies report settings which contains time period, device selection, and schedule
• D. It contains predefined data to generate mock reports

Answer: B

NEW QUESTION 15
What is the purpose of employing RAID with FortiAnalyzer?

• A. To introduce redundancy to your log data
• B. To provide data separation between ADOMs
• C. To separate analytical and archive data
• D. To back up your logs

Answer: A

Explanation:
https://en.wikipedia.org/wiki/RAID#:~:text=RAID%20(%22Redundant%20Array%20of%20Inexpensive,%2C%

NEW QUESTION 16
FortiAnalyzer reports are dropping analytical data from 15 days ago, even though the data policy setting for analytics logs is 60 days.
What is the most likely problem?

• A. Quota enforcement is acting on analytical data before a report is complete
• B. Logs are rolling before the report is run
• C. CPU resources are too high
• D. Disk utilization for archive logs is set for 15 days

Answer: B

NEW QUESTION 17
An administrator has configured the following settings: config system fortiview settings set resolve-ip enable end
What is the significance of executing this command?

• A. Use this command only if the source IP addresses are not resolved on FortiGate.
• B. It resolves the source and destination IP addresses to a hostname in FortiView on FortiAnalyzer.
• C. You must configure local DNS servers on FortiGate for this command to resolve IP addresses on Forti Analyzer.
• D. It resolves the destination IP address to a hostname in FortiView on FortiAnalyzer.

Answer: D

NEW QUESTION 18
Which clause is considered mandatory in SELECT statements used by the FortiAnalyzer to generate reports?

• A. FROM
• B. LIMIT
• C. WHERE
• D. ORDER BY

Answer: A

NEW QUESTION 19
What are two advantages of setting up fabric ADOM? (Choose two.)

• A. It can be used for fast data processing and log correlation
• B. It can be used to facilitate communication between devices in same Security Fabric
• C. It can include all Fortinet devices that are part of the same Security Fabric
• D. It can include only FortiGate devices that are part of the same Security Fabric

Answer: AC

Explanation:
https://docs.fortinet.com/document/fortianalyzer/6.2.5/administration-guide/448471/creating-a-security-fabric-a

NEW QUESTION 20
......