NSE5_FAZ-6.2 시험 - Fortinet실제시험문제와 답 - 38문항

Question No : 1

View the exhibit.

What does the data point at 14:35 tell you?

A.FortiAnalyzer is dropping logs.
B.FortiAnalyzer is indexing logs faster than logs are being received.
C.FortiAnalyzer has temporarily stopped receiving logs so older logs’ can be indexed.
D.The sqlplugind daemon is ahead in indexing by one log.

정답:
Explanation:
Logs are received then they are indexed, no logging server in the world can index logs faster than they are received. When FAZ receives raw logs, they are inserted
(indexed) by the SQL database and the sqlplugind daemon, this graph shows that FAZ received 3 logs and sqlplugind indexed 4.

Question No : 2

What are the operating modes of FortiAnalyzer? (Choose two)

A.Standalone
B.Manager
C.Analyzer
D.Collector

정답:

Question No : 3

Which statements are true of Administrative Domains (ADOMs) in FortiAnalyzer? (Choose two.)

A.ADOMs are enabled by default.
B.ADOMs constrain other administrator’s access privileges to a subset of devices in the device list.
C.Once enabled, the Device Manager, FortiView, Event Management, and Reports tab display per ADO
D.All administrators can create ADOMs--not just the admin administrator.

정답:

Question No : 4

Which two statements about log forwarding are true? (Choose two.)

A.Forwarded logs cannot be filtered to match specific criteria.
B.Logs are forwarded in real-time only.
C.The client retains a local copy of the logs after forwarding.
D.You can use aggregation mode only with another FortiAnalyzer.

정답:
Explanation:
Reference: www.fortinetguru.com/2020/07/log-forwarding-fortianalyzer-fortios-6-2-3/

Question No : 5

What purposes does the auto-cache setting on reports serve? (Choose two.)

A.To reduce report generation time
B.To automatically update the hcache when new logs arrive
C.To reduce the log insert lag rate
D.To provide diagnostics on report generation time

정답:
Explanation:
Reference: https://docs.fortinet.com/document/fortianalyzer/6.0.0/administration-guide/282280/enabling-autocache

Question No : 6

What statements are true regarding disk log quota? (Choose two)

A.The FortiAnalyzer stops logging once the disk log quota is met.
B.The FortiAnalyzer automatically sets the disk log quota based on the device.
C.The FortiAnalyzer can overwrite the oldest logs or stop logging once the disk log quota is met.
D.The FortiAnalyzer disk log quota is configurable, but has a minimum o 100mb a maximum based on the reserved system space.

정답:

Question No : 7

You are using RAID with a FortiAnalyzer that supports software RAID, and one of the hard disks on FortiAnalyzer has failed.
What is the recommended method to replace the disk?

A.Shut down FortiAnalyzer and then replace the disk
B.Downgrade your RAID level, replace the disk, and then upgrade your RAID level
C.Clear all RAID alarms and replace the disk while FortiAnalyzer is still running
D.Perform a hot swap

정답:
Explanation:
Reference: https://www.fortinetguru.com/2016/04/system-settings/6/

Question No : 8

Which two of the following must you configure on FortiAnalyzer to email a FortiAnalyzer report externally? (Choose two.)

A.Mail server
B.Output profile
C.SFTP server
D.Report scheduling

정답:

Question No : 9

When you perform a system backup, what does the backup configuration contain? (Choose two.)

A.Generated reports
B.Device list
C.Authorized devices logs
D.System information

정답:

Question No : 10

View the exhibit:

What does the 1000MB maximum for disk utilization refer to?

A.The disk quota for the FortiAnalyzer model
B.The disk quota for all devices in the ADOM
C.The disk quota for each device in the ADOM
D.The disk quota for the ADOM type

정답:

Question No : 11

Logs are being deleted from one of the ADOMs earlier than the configured setting for archiving in the data policy.
What is the most likely problem?

A.CPU resources are too high
B.Logs in that ADOM are being forwarded, in real-time, to another FortiAnalyzer device
C.The total disk space is insufficient and you need to add other disk
D.The ADOM disk quota is set too low, based on log rates

정답:
Explanation:
Reference: https://help.fortinet.com/fmgr/50hlp/56/5-6-1/FMG-FAZ/1100_Storage/0017_Deleted%20device%20logs.htm

Question No : 12

What is the purpose of employing RAID with FortiAnalyzer?

A.To introduce redundancy to your log data
B.To provide data separation between ADOMs
C.To separate analytical and archive data
D.To back up your logs

정답:

Question No : 13

What remote authentication servers can you configure to validate your FortiAnalyzer administrator logons? (Choose three)

A.RADIUS
B.Local
C.LDAP
D.PKI
E.TACACS+

정답:

Question No : 14

FortiAnalyzer uses the Optimized Fabric Transfer Protocok (OFTP) over SSL for what purpose?

A.To upload logs to an SFTP server
B.To prevent log modification during backup
C.To send an identical set of logs to a second logging server
D.To encrypt log communication between devices

정답:

Question No : 15

For which two purposes would you use the command set log checksum? (Choose two.)

A.To help protect against man-in-the-middle attacks during log upload from FortiAnalyzer to an SFTP server
B.To prevent log modification or tampering
C.To encrypt log communications
D.To send an identical set of logs to a second logging server

정답:
Explanation:
To prevent the log in the store from being modified, you can add a log checksum by using the config system global command. When the log is split, archived, and the log is uploaded (if the feature is enabled), you can configure the FortiAnalyzer to log the log file hash value, timestamp, and authentication code. This can help defend against man-in-the-middle attacks when uploading log transmission data from the
FortiAnalyzer to the SFTP server.

Fortinet NSE5_FAZ-6.2 시험