How Many Questions Of NSE5_FAZ-6.4 Test Engine

NEW QUESTION 1
In order for FortiAnalyzer to collect logs from a FortiGate device, what configuration is required? (Choose two.)

• A. Remote logging must be enabled on FortiGate
• B. Log encryption must be enabled
• C. ADOMs must be enabled
• D. FortiGate must be registered with FortiAnalyzer

Answer: AD

Explanation:
Pg 70: “after you add and register a FortiGate device with the FortiAnalyzer unit, you must also ensure that the FortiGate device is configured to send logs to the FortiAnalyzer unit.”
https://docs.fortinet.com/uploaded/files/4614/FortiAnalyzer-5.4.6-Administration%20Guide.pdf
Pg 45: “ADOMs must be enabled to support the logging and reporting of NON-FORTIGATE devices, such as FortiCarrier, FortiClientEMS, FortiMail, FortiWeb, FortiCache, and FortiSandbox.”

NEW QUESTION 2
An administrator has configured the following settings: config system fortiview settings set resolve-ip enable end
What is the significance of executing this command?

• A. Use this command only if the source IP addresses are not resolved on FortiGate.
• B. It resolves the source and destination IP addresses to a hostname in FortiView on FortiAnalyzer.
• C. You must configure local DNS servers on FortiGate for this command to resolve IP addresses on Forti Analyzer.
• D. It resolves the destination IP address to a hostname in FortiView on FortiAnalyzer.

Answer: D

NEW QUESTION 3
You’ve moved a registered logging device out of one ADOM and into a new ADOM. What happens when you rebuild the new ADOM database?

• A. FortiAnalyzer resets the disk quota of the new ADOM to default.
• B. FortiAnalyzer migrates archive logs to the new ADOM.
• C. FortiAnalyzer migrates analytics logs to the new ADOM.
• D. FortiAnalyzer removes logs from the old ADOM.

Answer: C

Explanation:
https://kb.fortinet.com/kb/documentLink.do?externalID=FD40383

NEW QUESTION 4
What are two advantages of setting up fabric ADOM? (Choose two.)

• A. It can be used for fast data processing and log correlation
• B. It can be used to facilitate communication between devices in same Security Fabric
• C. It can include all Fortinet devices that are part of the same Security Fabric
• D. It can include only FortiGate devices that are part of the same Security Fabric

Answer: AC

Explanation:
https://docs.fortinet.com/document/fortianalyzer/6.2.5/administration-guide/448471/creating-a-security-fabric-a

NEW QUESTION 5
If a hard disk fails on a FortiAnalyzer that supports software RAID, what should you do to bring the FortiAnalyzer back to functioning normally, without losing data?

• A. Hot swap the disk
• B. Replace the disk and rebuild the RAID manually
• C. Take no action if the RAID level supports a failed disk
• D. Shut down FortiAnalyzer and replace the disk

Answer: D

Explanation:
https://kb.fortinet.com/kb/documentLink.do?externalID=FD46446#:~:text=On%20FortiAnalyzer%2FFortiMana If a hard disk on a FortiAnalyzer unit fails, it must be replaced. On FortiAnalyzer devices that support
hardware RAID, the hard disk can be replaced while the unit is still running – known as hot swapping.
On FortiAnalyzer units with software RAID, the device must be shutdown prior to exchanging the hard disk.

NEW QUESTION 6
What statements are true regarding the "store and upload" log transfer option between FortiAnalyzer and FortiGate? (Choose three.)

• A. All FortiGates can send logs to FortiAnalyzer using the store and upload option.
• B. Only FortiGate models with hard disks can send logs to FortiAnalyzer using the store and upload option.
• C. Both secure communications methods (SSL and IPsec) allow the store and upload option.
• D. Disk logging is enabled on the FortiGate through the CLI only.
• E. Disk logging is enabled by default on the FortiGate.

Answer: BCD

NEW QUESTION 7
Why should you use an NTP server on FortiAnalyzer and all registered devices that log into FortiAnalyzer?

• A. To properly correlate logs
• B. To use real-time forwarding
• C. To resolve host names
• D. To improve DNS response times

Answer: A

Explanation:

NEW QUESTION 8
Which statements are true regarding securing communications between FortiAnalyzer and FortiGate with SSL? (Choose two.)

• A. SSL is the default setting.
• B. SSL communications are auto-negotiated between the two devices.
• C. SSL can send logs in real-time only.
• D. SSL encryption levels are globally set on FortiAnalyzer.
• E. FortiAnalyzer encryption level must be equal to, or higher than, FortiGate.

Answer: AD

NEW QUESTION 9
For proper log correlation between the logging devices and FortiAnalyzer, FortiAnalyzer and all registered devices should:

• A. Use DNS
• B. Use host name resolution
• C. Use real-time forwarding
• D. Use an NTP server

Answer: D

NEW QUESTION 10
By default, what happens when a log file reaches its maximum file size?

• A. FortiAnalyzer overwrites the log files.
• B. FortiAnalyzer stops logging.
• C. FortiAnalyzer rolls the active log by renaming the file.
• D. FortiAnalyzer forwards logs to syslog.

Answer: C

NEW QUESTION 11
If you upgrade the FortiAnalyzer firmware, which report element can be affected?

• A. Custom datasets
• B. Report scheduling
• C. Report settings
• D. Output profiles

Answer: B

Explanation:
https://docs.fortinet.com/document/fortianalyzer/6.2.5/upgrade-guide/669300/checking-reports

NEW QUESTION 12
An administrator has moved FortiGate A from the root ADOM to ADOM1. However, the administrator is not able to generate reports for FortiGate A in ADOM1.
What should the administrator do to solve this issue?

• A. Use the execute sql-local rebuild-db command to rebuild all ADOM databases.
• B. Use the execute sql-local rebuild-adom ADOM1 command to rebuild the ADOM database.
• C. Use the execute sql-report run ADOM1 command to run a report.
• D. Use the execute sql-local rebuild-adom root command to rebuild the ADOM database.

Answer: B

NEW QUESTION 13
Which two constraints can impact the amount of reserved disk space required by FortiAnalyzer? (Choose two.)

• A. License type
• B. Disk size
• C. Total quota
• D. RAID level

Answer: CD

Explanation:
https://docs.fortinet.com/document/fortianalyzer/6.2.5/administration-guide/368682/disk-space-allocation

NEW QUESTION 14
What FortiView tool can you use to automatically build a dataset and chart based on a filtered search result?

• A. Chart Builder
• B. Export to Report Chart
• C. Dataset Library
• D. Custom View

Answer: A

Explanation:
https://docs.fortinet.com/document/fortianalyzer/6.2.0/cookbook/989203/building-charts-with-chart-builder

NEW QUESTION 15
View the exhibit.

Why is the total quota less than the total system storage?

• A. 3.6% of the system storage is already being used.
• B. Some space is reserved for system use, such as storage of compression files, upload files, and temporary report files
• C. The oftpd process has not archived the logs yet
• D. The logfiled process is just estimating the total quota

Answer: B

Explanation:
https://docs.fortinet.com/document/fortianalyzer/6.2.5/administration-guide/368682/disk-space-allocation

NEW QUESTION 16
Which two statements are true regarding ADOM modes? (Choose two.)

• A. You can only change ADOM modes through CLI.
• B. In normal mode, the disk quota of the ADOM is fixed and cannot be modified, but in advance mode, the disk quota of the ADOM is flexible because new devices are added to the ADOM.
• C. In an advanced mode ADO
• D. you can assign FortiGate VDOMs from a single FortiGate device to multiple FortiAnalyzer ADOMs.
• E. Normal mode is the default ADOM mode.

Answer: CD

NEW QUESTION 17
Which two statements are true regarding FortiAnalyzer operating modes? (Choose two.)

• A. When in collector mode, FortiAnalyzer collects logs from multiple devices and forwards these logs in the original binary format.
• B. Collector mode is the default operating mode.
• C. When in collector mod
• D. FortiAnalyzer supports event management and reporting features.
• E. By deploying different FortiAnalyzer devices with collector and analyzer mode in a network, you can improve the overall performance of log receiving, analysis, and reporting

Answer: AD

NEW QUESTION 18
On the RAID management page, the disk status is listed as Initializing.
What does the status Initializing indicate about what the FortiAnalyzer is currently doing?

• A. FortiAnalyzer is ensuring that the parity data of a redundant drive is valid
• B. FortiAnalyzer is writing data to a newly added hard drive to restore it to an optimal state
• C. FortiAnalyzer is writing to all of its hard drives to make the array fault tolerant
• D. FortiAnalyzer is functioning normally

Answer: C

NEW QUESTION 19
If you upgrade your FortiAnalyzer firmware, what report elements can be affected?

• A. Output profiles
• B. Report settings
• C. Report scheduling
• D. Custom datasets

Answer: D

NEW QUESTION 20
......