[Q21-Q41] Top-Class Fortinet NSE5_FAZ-7.2 Online Question Set, Updated [April 2024]


The NSE5_FAZ-7.2 practice question set contains 138 verified questions, updated by JPNTest.


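The Fortinet NSE5_FAZ-7.2 exam is a comprehensive test covering a wide range of topics related to FortiAnalyzer. It includes questions on log management, event correlation, traffic analysis, and report generation. The exam is designed to assess candidates' knowledge of FortiAnalyzer features such as FortiGuard integration, alerts, and compliance reporting.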

 

Question # 21
An administrator has configured the following settings:
config system global
set log-checksum md5-auth
end
What is the significance of executing this command?

  • A. This command records the log file MD5 hash value.
  • B. This command records the log file MD5 hash value and authentication code.
  • C. This command encrypts log transfer between FortiAnalyzer and other devices.
  • D. This command records passwords in log files and encrypts them.

Correct answer: B


Question # 22
Refer to the exhibit.

Which image corresponds to the packet capture shown in the exhibit?

  • A.
  • B.
  • C.
  • D.

Correct answer: D


Question # 23
How can you configure FortiAnalyzer to permit administrator logins from only specific locations?

  • A. Use static routes
  • B. Use administrative profiles
  • C. Use trusted hosts
  • D. Use secure protocols

Correct answer: C

Explanation:
https://docs.fortinet.com/document/fortianalyzer/6.2.5/administration-guide/186508/trusted-hosts


Question # 24
Which daemon is responsible for enforcing the log file size?

  • A. logfiled
  • B. ofrpd
  • C. sqlplugind
  • D. miglogd

Correct answer: A

Explanation:
FortiAnalyzer_7.0_Study_Guide-Online.pdf page 121: The logfiled process enforces the log file size and is also responsible for disk quota enforcement by monitoring the other processes.


Question # 25
What is the recommended method of expanding disk space on a FortiAnalyzer VM?

  • A. From the VM host manager, expand the size of the existing virtual disk
  • B. From the VM host manager, add an additional virtual disk and rebuild your RAID array
  • C. From the VM host manager, expand the size of the existing virtual disk and use the # execute format disk command to reformat the disk
  • D. From the VM host manager, add an additional virtual disk and use the # execute lvm extend <disk number> command to expand the storage

Correct answer: D

Explanation:
https://kb.fortinet.com/kb/documentLink.do?externalID=FD40848


Question # 26
You have recently grouped multiple FortiGate devices into a single ADOM. System Settings > Storage Info shows the quota used.
What does the disk quota refer to?

  • A. The maximum disk utilization for the FortiAnalyzer model
  • B. The maximum disk utilization for each device in the ADOM
  • C. The maximum disk utilization for the ADOM type
  • D. The maximum disk utilization for all devices in the ADOM

Correct answer: D


Question # 27
What are the operating modes of FortiAnalyzer? (Choose two)

  • A. Manager
  • B. Collector
  • C. Standalone
  • D. Analyzer

Correct answer: B, D


Question # 28
Which log type does the FortiAnalyzer indicators of compromise feature use to identify infected hosts?

  • A. IPS logs
  • B. Application control logs
  • C. Antivirus logs
  • D. Web filter logs

Correct answer: D

Explanation:
Reference:
FortiAnalyzer_Admin_Guide/3600_FortiView/0200_Using_FortiView/1200_Compromised_hosts_page.htm?TocPath=FortiView%7CUsing%20FortiView%7C_____6


Question # 29
What happens when a log file saved on FortiAnalyzer disks reaches the size specified in the device log settings?

  • A. The log file is stored as a raw log and is available for analytic support.
  • B. The log file is purged from the database.
  • C. The log file rolls over and is archived.
  • D. The log file is overwritten.

Correct answer: C

Explanation:
Reference:
81a4-00505692583a/FortiAnalyzer-6.0.5-Administration-Guide.pdf
https://docs.fortinet.com/document/fortianalyzer/6.2.5/administration-guide/355632/log-browse


Question # 30
Which two statements are true regarding the outbreak detection service? (Choose two.)

  • A. It automatically downloads new event handlers and reports.
  • B. New alerts are received by email.
  • C. An additional license is required.
  • D. Outbreak alerts are available on the root ADOM only.

Correct answer: A, C


Question # 31
What does the disk status Degraded mean for RAID management?

  • A. The hard drive is no longer being used by the RAID controller.
  • B. The FortiAnalyzer device is writing data to a newly added hard drive in order to restore the hard drive to an optimal state.
  • C. One or more drives are missing from the FortiAnalyzer unit. The drive is no longer available to the operating system.
  • D. The FortiAnalyzer device is writing to all the hard drives on the device in order to make the array fault tolerant.

Correct answer: A


Question # 32
Which two statements are true regarding initial Logs Sync and Log Data Sync for HA on FortiAnalyzer?

  • A. When Log Data Sync is turned on, the backup device will reboot and then rebuild the log database with the synchronized logs.
  • B. Log Data Sync provides real-time log synchronization to all backup devices.
  • C. With initial Logs Sync, when you add a unit to an HA cluster, the primary device synchronizes its logs with the backup device.
  • D. By default, Log Data Sync is disabled on all backup devices.

Correct answer: A, C


Question # 33
Which two statements are true regarding FortiAnalyzer operating modes? (Choose two.)

  • A. By deploying different FortiAnalyzer devices with collector and analyzer mode in a network, you can improve the overall performance of log receiving, analysis, and reporting
  • B. Collector mode is the default operating mode.
  • C. When in collector mode, FortiAnalyzer supports event management and reporting features.
  • D. When in collector mode, FortiAnalyzer collects logs from multiple devices and forwards these logs in the original binary format.

Correct answer: A, D

Explanation:
Reference:
https://docs.fortinet.com/document/fortianalyzer/7.0.0/administration-guide/312644/analyzer-collector-collaboration


Question # 34
What is the purpose of trigger variables?

  • A. To provide the trigger information to make the playbook start running
  • B. To display statistics about the playbook runtime
  • C. To use information from the trigger to filter the action in a task
  • D. To store the start times of playbooks with On_Schedule triggers

Correct answer: C


Question # 35
Which statements are true regarding securing communications between FortiAnalyzer and FortiGate with SSL? (Choose two.)

  • A. SSL can send logs in real-time only.
  • B. SSL encryption levels are globally set on FortiAnalyzer.
  • C. SSL communications are auto-negotiated between the two devices.
  • D. SSL is the default setting.
  • E. FortiAnalyzer encryption level must be equal to, or higher than, FortiGate.

Correct answer: B, D


Question # 36
Which tabs do not appear when FortiAnalyzer is operating in Collector mode?

  • A. Reporting
  • B. FortiView
  • C. Event Management
  • D. Device Manager

Correct answer: C


Question # 37
What is the purpose of a dataset query in FortiAnalyzer?

  • A. It retrieves log data from the database
  • B. It extracts the database schema
  • C. It sorts log data into tables
  • D. It injects log data into the database

Correct answer: A


Question # 38
Which two statements are correct regarding the export and import of playbooks? (Choose two.)

  • A. You can export only one playbook at a time.
  • B. A playbook that was disabled when it was exported, will be disabled when it is imported.
  • C. Playbooks can be exported and imported only within the same FortiAnalyzer.
  • D. You can import a playbook even if there is another one with the same name in the destination.

Correct answer: B, D

Explanation:
If the imported playbook has the same name as an existing one, FortiAnalyzer will create a new name that includes a timestamp to avoid conflicts.
Playbooks are imported with the same status they had (enabled or disabled) when they were exported.
Playbooks set to run automatically should be exported while they are disabled to avoid unintended runs on the destination.


Question # 39
After you have moved a registered logging device out of one ADOM and into a new ADOM, what is the purpose of running the following CLI command?
execute sql-local rebuild-adom <new-ADOM-name>

  • A. To migrate the archive logs to the new ADOM
  • B. To populate the new ADOM with analytical logs for the moved device, so you can run reports
  • C. To reset the disk quota enforcement to default
  • D. To remove the analytics logs of the device from the old database

Correct answer: B

Explanation:
FortiAnalyzer_7.0_Study_Guide-Online.pdf page 128: Are the device analytics logs required for reports in the new ADOM? If so, rebuild the new ADOM database.


Question # 40
Refer to the exhibits.


How many events will be added to the incident created after running this playbook?

  • A. Ten events will be added.
  • B. Five events will be added.
  • C. Thirteen events will be added.
  • D. No events will be added.

Correct answer: A


Question # 41
......


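The Fortinet NSE5_FAZ-7.2 exam, also known as the Fortinet NSE 5 - FortiAnalyzer 7.2 Analyst exam, is designed for professionals who want to demonstrate their skills and knowledge in managing and analyzing network security data with FortiAnalyzer 7.2. FortiAnalyzer is a comprehensive network security management and analytics solution that provides advanced analytics, reporting, and automation capabilities for Fortinet security devices.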

 

Latest (2024) Fortinet NSE5_FAZ-7.2 exam question set: https://www.jpntest.com/shiken/NSE5_FAZ-7.2-mondaishu
