NSE5_FAZ-7.2 Exam Questions

Which two statement are true regardless initial Logs sync and Log Data Sync for Ha on FortiAnalyzer?

Which two statements are true regarding fabric connectors? (Choose two.)

What does the disk status Degraded mean for RAID management?

An administrator, fortinet, is able to view logs and perform device management tasks, such as adding and removing registered devices. However, administrator fortinet is not able to...

Which statement is true when you are upgrading the firmware on an HA cluster made up of two FortiAnalyzer devices?

What is the purpose of output variables?

Which two elements are contained in a system backup created on FortiAnalyzer? (Choose two.)

Which two statements are correct regarding the export and import of playbooks? (Choose two.)

Which SQL query is in the correct order to query the database in the FortiAnslyzer?

Refer to the exhibits. How many events will be added to the incident created after running this playbook?

Which daemon is responsible for enforcing the log file size?

Refer to the exhibit. Which statement is correct regarding the event displayed?

What is required to authorize a FortiGate on FortiAnalyzer using Fabric authorization?

Refer to the exhibit. Laptopt is used by several administrators to manage FortiAnalyzer. You want to configure a generic text filter that matches all login attempts to the web inte...

If the primary FortiAnalyzer in an HA cluster fails, how is the new primary elected?

What is the best approach to handle a hard disk failure on a FortiAnalyzer that supports hardware RAID?

Which statement is true about sending notifications with incident updates?

Which statement correctly describes the management extensions available on FortiAnalyzer?

A play book contains five tasks in total. An administrator executed the playbook and four out of five tasks finished successfully, but one task failed. What will be the status of t...

When working with FortiAnalyzer reports, what is the purpose of a dataset?

Refer to the exhibit. The image displays the configuration of a FortiAnalyzer the administrator wants to join to an existing HA cluster. What can you conclude from the configuratio...

You crested a playbook on FortiAnalyzer that uses a FortiOS connector. When configuring the FortiGate side, which type of trigger must be used so that the actions in an automation...

What must you consider when using log fetching? (Choose two.)

Which two statements are true regarding the outbreak detection service? (Choose two.)

What are two effects of enabling auto-cache in a FortiAnalyzer report? (Choose two.)

Why must you wait for several minutes before you run a playbook that you just created?

Which statement describes online logs on FortiAnalyzer?

How can you attach a report to an incident?

Which item must you configure on FortiAnalyzer to email generated reports automatically?

Which statement about the FortiSOAR management extension is correct?

Why run the command diagnose sql status sqlplugind?

What are two benefits of using fabric connectors? (Choose two.)

Which log will generate an event with the status Contained?

Refer to the exhibit. Laptop1 is used by several administrators to manage FortiAnalyzer. You want to configure a generic text filter that matches all login attempts to the web inte...

After generating a report, you notice the information you were expecting to see is not included in it. What are two possible reasons for this scenario? (Choose two.)

What is the purpose of using prefilters when configuring event handlers?

Which statement describes a dataset in FortiAnalyzer?

A playbook contains five tasks in total. An administrator runs the playbook and four out of five tasks finish successfully, but one task fails. What will be the status of the playb...

What is the purpose of trigger variables?

Which statement about sending notifications with incident updates is true?

Refer to the exhibit. What is the purpose of using the Chart Builder feature on FortiAnalyzer?

What happens when the IOC breach detection engine on FortiAnalyzer finds web logs that match a blocklisted IP address?

Refer to the exhibit. Based on the partial outputs displayed, which devices can be members of a FortiAnalyzer Fabric?

Refer to the exhibit. What does the data point at 12:20 indicate?

Which statement about the FortiSIEM management extension is correct?

Refer to the exhibit. Which statement is correct regarding the event displayed?

What is the purpose of predefined report templates on FortiAnalyzer?

Refer to the exhibit. What does the data point at 21:20 indicate?

Which two methods can you use to send notifications when an event occurs that matches a configured event handier? (Choose two.)

Refer to the exhibit. Which FortiAnalyzer tool can refer to the Cyber Kill Chain stages and allows you to identify which Fortinet products can protect you against new vulnerabiliti...