Tens of thousands of competitors, pages of hard questions, and unsatisfying exam preparation… Do not worry about all those annoying things! We help you with your NSE 5 Network Security Analyst NSE5_FAZ-6.4 Fortinet NSE 5 – FortiAnalyzer 6.4 exam. We will help you clear the NSE5_FAZ-6.4 exam with NSE 5 Network Security Analyst NSE5_FAZ-6.4 exam dumps. Our NSE5_FAZ-6.4 actual tests are the most comprehensive ones.

Visit our site to get more NSE5_FAZ-6.4 Q and As: https://www.pass1day.com/nse5_faz-6-4.html (94 QAs Dumps)

Question 1:

What is the purpose of a predefined template on the FortiAnalyzer?

A. It can be edited and modified as required

B. It specifies the report layout which contains predefined texts, charts, and macros

C. It specifies report settings which contains time period, device selection, and schedule

D. It contains predefined data to generate mock reports

Correct Answer: B

Reference:

https://help.fortinet.com/fa/faz50hlp/56/5-6-2/FMG-FAZ/2300_Reports/0010_Predefined_reports.htm

https://docs2.fortinet.com/document/fortianalyzer/6.0.8/administration-guide/618245/predefined-reportstemplates-charts-and-macros


Question 2:

What FortiGate process caches logs when FortiAnalyzer is not reachable?

A. logfiled

B. sqlplugind

C. oftpd

D. miglogd

Correct Answer: D

Reference: https://forum.fortinet.com/tm.aspx?m=143106


Question 3:

View the exhibit:

What does the 1000MB maximum for disk utilization refer to?

A. The disk quota for the FortiAnalyzer model

B. The disk quota for all devices in the ADOM

C. The disk quota for each device in the ADOM

D. The disk quota for the ADOM type

Correct Answer: B

https://docs.fortinet.com/document/fortianalyzer/6.2.0/administration-guide/743670/configuring-logstorage-policy


Question 4:

If a hard disk fails on a FortiAnalyzer that supports software RAID, what should you do to bring the FortiAnalyzer back to functioning normally, without losing data?

A. Hot swap the disk

B. Replace the disk and rebuild the RAID manually

C. Take no action if the RAID level supports a failed disk

D. Shut down FortiAnalyzer and replace the disk

Correct Answer: D

https://kb.fortinet.com/kb/documentLink.do?externalID=FD46446

If a hard disk on a FortiAnalyzer unit fails, it must be replaced. On FortiAnalyzer devices that support hardware RAID, the hard disk can be replaced while the unit is still running, known as hot swapping. On FortiAnalyzer units with software RAID, the device must be shut down prior to exchanging the hard disk.

Reference: https://community.fortinet.com/t5/FortiAnalyzer/Technical-Note-How-to-swap-Hard-Disk-onFortiAnalyzer/ta-p/194997?externalID=FD41397


Question 5:

Which two statements express the advantages of grouping similar reports? (Choose two.)

A. Improve report completion time.

B. Conserve disk space on FortiAnalyzer by grouping multiple similar reports.

C. Reduce the number of hcache tables and improve auto-hcache completion time.

D. Provides a better summary of reports.

Correct Answer: AC


Question 6:

Logs are being deleted from one of the ADOMs earlier than the configured setting for archiving in the data policy.

What is the most likely problem?

A. CPU resources are too high

B. Logs in that ADOM are being forwarded, in real-time, to another FortiAnalyzer device

C. The total disk space is insufficient and you need to add another disk

D. The ADOM disk quota is set too low, based on log rates

Correct Answer: D

Reference: https://help.fortinet.com/fmgr/50hlp/56/5-6-1/FMG-FAZ/1100_Storage/0017_Deleted device logs.htm


Question 7:

You've moved a registered logging device out of one ADOM and into a new ADOM. What happens when you rebuild the new ADOM database?

A. FortiAnalyzer resets the disk quota of the new ADOM to default.

B. FortiAnalyzer migrates archive logs to the new ADOM.

C. FortiAnalyzer migrates analytics logs to the new ADOM.

D. FortiAnalyzer removes logs from the old ADOM.

Correct Answer: C

https://kb.fortinet.com/kb/documentLink.do?externalID=FD40383


Question 8:

Which two of the following must you configure on FortiAnalyzer to email a FortiAnalyzer report externally? (Choose two.)

A. Mail server

B. Output profile

C. SFTP server

D. Report scheduling

Correct Answer: AB

Reference: https://docs.fortinet.com/document/fortianalyzer/6.0.2/administration-guide/598322/creatingoutput-profiles


Question 9:

By default, what happens when a log file reaches its maximum file size?

A. FortiAnalyzer overwrites the log files.

B. FortiAnalyzer stops logging.

C. FortiAnalyzer rolls the active log by renaming the file.

D. FortiAnalyzer forwards logs to syslog.

Correct Answer: C


Question 10:

For which two purposes would you use the command set log checksum? (Choose two.)

A. To help protect against man-in-the-middle attacks during log upload from FortiAnalyzer to an SFTP server

B. To prevent log modification or tampering

C. To encrypt log communications

D. To send an identical set of logs to a second logging server

Correct Answer: AB


Question 11:

Which clause is considered mandatory in SELECT statements used by the FortiAnalyzer to generate reports?

A. FROM

B. LIMIT

C. WHERE

D. ORDER BY

Correct Answer: A

https://kb.fortinet.com/kb/documentLink.do?externalID=FD48500


Question 12:

You need to upgrade your FortiAnalyzer firmware.

What happens to the logs being sent to FortiAnalyzer from FortiGate during the time FortiAnalyzer is temporarily unavailable?

A. FortiAnalyzer uses log fetching to retrieve the logs when back online

B. FortiGate uses the miglogd process to cache the logs

C. The logfiled process stores logs in offline mode

D. Logs are dropped

Correct Answer: B


Question 13:

Which tabs do not appear when FortiAnalyzer is operating in Collector mode?

A. FortiView

B. Event Management

C. Device Manager

D. Reporting

Correct Answer: B


Question 14:

An administrator has moved FortiGate A from the root ADOM to ADOM1. Which two statements are true regarding logs? (Choose two.)

A. Analytics logs will be moved to ADOM1 from the root ADOM automatically.

B. Archived logs will be moved to ADOM1 from the root ADOM automatically.

C. Logs will be presented in both ADOMs immediately after the move.

D. Analytics logs will be moved to ADOM1 from the root ADOM after you rebuild the ADOM1 SQL database.

Correct Answer: BD

Reference: https://community.fortinet.com/t5/Fortinet-Forum/FW-Migration-between-ADOMs/m-p/32683?m=158008


Question 15:

Refer to the exhibit.

Which two statements are true regarding enabling auto-cache on FortiAnalyzer? (Choose two.)

A. Report size will be optimized to conserve disk space on FortiAnalyzer.

B. Reports will be cached in the memory.

C. This feature is automatically enabled for scheduled reports.

D. Enabling auto-cache reduces report generation time for reports that require a long time to assemble datasets.

Correct Answer: CD

Reference: https://help.fortinet.com/fa/faz50hlp/56/5-6-2/FMG-FAZ/2300_Reports/0025_Auto-cache.htm

