How Many Questions Of NSE5_FAZ-6.4 Simulations

NEW QUESTION 1
If you upgrade your FortiAnalyzer firmware, what report elements can be affected?

• A. Output profiles
• B. Report settings
• C. Report scheduling
• D. Custom datasets

Answer: D

NEW QUESTION 2
In Log View, you can use the Chart Builder feature to build a dataset and chart based on the filtered search results.
Similarly, which feature you can use for FortiView?

• A. Export to Report Chart
• B. Export to PDF
• C. Export to Chart Builder
• D. Export to Custom Chart

Answer: A

NEW QUESTION 3
After you have moved a registered logging device out of one ADOM and into a new ADOM, what is the purpose of running the following CLI command?
execute sql-local rebuild-adom <new-ADOM-name>

• A. To reset the disk quota enforcement to default
• B. To remove the analytics logs of the device from the old database
• C. To migrate the archive logs to the new ADOM
• D. To populate the new ADOM with analytical logs for the moved device, so you can run reports

Answer: D

Explanation:

NEW QUESTION 4
Which two of the following must you configure on FortiAnalyzer to email a FortiAnalyzer report externally? (Choose two.)

• A. Mail server
• B. Output profile
• C. SFTP server
• D. Report scheduling

Answer: AB

NEW QUESTION 5
What FortiGate process caches logs when FortiAnalyzer is not reachable?

• A. logfiled
• B. sqlplugind
• C. oftpd
• D. Miglogd

Answer: D

NEW QUESTION 6
In FortiAnalyzer’s FormView, source and destination IP addresses from FortiGate devices are not resolving to a hostname. How can you resolve the source and destination IPs, without introducing any additional performance impact to FortiAnalyzer?

• A. Configure local DNS servers on FortiAnalyzer
• B. Resolve IPs on FortiGate
• C. Configure # set resolve-ip enable in the system FortiView settings
• D. Resolve IPs on a per-ADOM basis to reduce delay on FortiView while IPs resolve

Answer: B

NEW QUESTION 7
Which statements are true regarding securing communications between FortiAnalyzer and FortiGate with IPsec? (Choose two.)

• A. Must configure the FortiAnalyzer end of the tunnel only--the FortiGate end is auto-negotiated.
• B. Must establish an IPsec tunnel ID and pre-shared key.
• C. IPsec cannot be enabled if SSL is enabled as well.
• D. IPsec is only enabled through the CLI on FortiAnalyzer.

Answer: C

NEW QUESTION 8
View the exhibit.

What does the data point at 14:35 tell you?

• A. FortiAnalyzer is dropping logs.
• B. FortiAnalyzer is indexing logs faster than logs are being received.
• C. FortiAnalyzer has temporarily stopped receiving logs so older logs’ can be indexed.
• D. The sqlplugind daemon is ahead in indexing by one log.

Answer: B

Explanation:
https://docs.fortinet.com/document/fortianalyzer/6.2.5/administration-guide/47690/insert-rate-vs-receive-rate-wi

NEW QUESTION 9
How can you configure FortiAnalyzer to permit administrator logins from only specific locations?

• A. Use static routes
• B. Use administrative profiles
• C. Use trusted hosts
• D. Use secure protocols

Answer: C

Explanation:
https://docs.fortinet.com/document/fortianalyzer/6.2.5/administration-guide/186508/trusted-hosts

NEW QUESTION 10
Logs are being deleted from one of the ADOMs earlier than the configured setting for archiving in the data policy.
What is the most likely problem?

• A. CPU resources are too high
• B. Logs in that ADOM are being forwarded, in real-time, to another FortiAnalyzer device
• C. The total disk space is insufficient and you need to add other disk
• D. The ADOM disk quota is set too low, based on log rates

Answer: D

NEW QUESTION 11
Which two statements are true regarding ADOM modes? (Choose two.)

• A. You can only change ADOM modes through CLI.
• B. In normal mode, the disk quota of the ADOM is fixed and cannot be modified, but in advance mode, the disk quota of the ADOM is flexible because new devices are added to the ADOM.
• C. In an advanced mode ADO
• D. you can assign FortiGate VDOMs from a single FortiGate device to multiple FortiAnalyzer ADOMs.
• E. Normal mode is the default ADOM mode.

Answer: CD

NEW QUESTION 12
Which log type does the FortiAnalyzer indicators of compromise feature use to identify infected hosts?

• A. Antivirus logs
• B. Web filter logs
• C. IPS logs
• D. Application control logs

Answer: B

NEW QUESTION 13
What is the purpose of the following CLI command?

• A. To add a log file checksum
• B. To add the MD’s hash value and authentication code
• C. To add a unique tag to each log to prove that it came from this FortiAnalyzer
• D. To encrypt log communications

Answer: A

Explanation:
https://docs2.fortinet.com/document/fortianalyzer/6.0.3/cli-reference/849211/global

NEW QUESTION 14
Which two methods can you use to send event notifications when an event occurs that matches a configured event handler? (Choose two.)

• A. SMS
• B. Email
• C. SNMP
• D. IM

Answer: BC

NEW QUESTION 15
How does FortiAnalyzer retrieve specific log data from the database?

• A. SQL FROM statement
• B. SQL GET statement
• C. SQL SELECT statement
• D. SQL EXTRACT statement

Answer: A

Explanation:
https://fortinetweb.s3.amazonaws.com/docs.fortinet.com/v2/attachments/137bb60e-ff37-11e8-8524-f8bc1258b8

NEW QUESTION 16
If you upgrade the FortiAnalyzer firmware, which report element can be affected?

• A. Custom datasets
• B. Report scheduling
• C. Report settings
• D. Output profiles

Answer: B

Explanation:
https://docs.fortinet.com/document/fortianalyzer/6.2.5/upgrade-guide/669300/checking-reports

NEW QUESTION 17
Why should you use an NTP server on FortiAnalyzer and all registered devices that log into FortiAnalyzer?

• A. To properly correlate logs
• B. To use real-time forwarding
• C. To resolve host names
• D. To improve DNS response times

Answer: A

Explanation:

NEW QUESTION 18
......