Fortinet NSE5_FAZ-7.0 Exam

Status: RETIRED

Certification Provider: Fortinet

Exam Name: Fortinet NSE 5 - FortiAnalyzer 7.0

Number of questions in our database: 114

Exam Version: 07-04-2023

NSE5_FAZ-7.0 Exam Official Topics:

Topic 1: Configure administrative domains (ADOMs)/ Create and manage playbooks
Topic 2: Configure high availability (HA)/ Troubleshoot and manage logs
Topic 3: Troubleshoot device communication issues/ Configure administrative access
Topic 4: Explain SOC features in FortiAnalyzer/ Perform initial configuration
Topic 5: Manage events and event handlers/ Manage and troubleshoot reports
Topic 6: Customize and generate reports/ Device registration and communication
Topic 7: Customize charts and datasets/ Explain playbook components
Topic 8: System configuration/ Protect log data/ Manage incidents

Free Fortinet NSE5_FAZ-7.0 Exam Actual Questions

The questions for NSE5_FAZ-7.0 were last updated On 07-04-2023

Question #1

Which statement is true about sending notifications with incident updates?

ANotifications can be sent only when an incident is updated or deleted.

BIf you use multiple fabric connectors, all connectors must have the same notification settings

CNotifications can be sent only by email.

DYou can send notifications to multiple external platforms

Reveal Solution

Correct Answer: D

You can add more than one fabric connector, each with the same or different notification settings. The receiving side of the connector must be configured for the notifications to be sent successfully.

FortiAnalyzer_7.0_Study_Guide-Online.pdf page 34: Fabric connectors also enable FortiAnalyzer to send notifications to ITSM platforms when a new incident is created or for any subsequent updates.

Question #2

Which statement is true when you are upgrading the firmware on an HA cluster made up of two FortiAnalyzer devices?

AFirst, upgrade the secondary device, and then upgrade the primary device.

BBoth FortiAnalyzer devices will be upgraded at the same time.

CYou can enable uninterruptible-upgrade so that the normal FortiAnalyzer operations are not interrupted while the cluster firmware upgrades.

DYou can perform the firmware upgrade using only a console connection.

Reveal Solution

Correct Answer: A

FortiAnalyzer_7.0_Study_Guide-Online.pdf page 64: To upgrade FortiAnalyzer HA cluster firmware:

1. Log in to each secondary device.

2. Upgrade the firmware of all secondary devices.

3. Wait for the upgrades to complete and verify that all secondary devices joined the cluster.

4. Verify that logs on all secondary devices are synchronized with the primary device.

5. Upgrade the primary device.

https://docs.fortinet.com/document/fortianalyzer/7.2.0/upgrade-guide/262607/upgrading-fortianalyzer-firmware

Question #3

Which statement is true about sending notifications with incident updates?

ANotifications can be sent only when an incident is updated or deleted.

BIf you use multiple fabric connectors, all connectors must have the same notification settings

CNotifications can be sent only by email.

DYou can send notifications to multiple external platforms

Reveal Solution

Correct Answer: D

FortiAnalyzer_7.0_Study_Guide-Online.pdf page 34: Fabric connectors also enable FortiAnalyzer to send notifications to ITSM platforms when a new incident is created or for any subsequent updates.

Question #4

Which statement correctly describes the management extensions available on FortiAnalyzer?

AManagement extensions do not require additional licenses.

BManagement extensions allow FortiAnalyzer to act as a ForbSIEM supervisor.

CManagement extensions require a dedicated VM for best performance.

DManagement extensions may require a minimum number of CPU cores to run.

Reveal Solution

Correct Answer: D

Events in FortiAnalyzer will be in one of four statuses. The current status will determine if more actions need to be taken by the security team or not.

The possible statuses are:

Unhandled: The security event risk is not mitigated or contained, so it is considered open.

Contained: The risk source is isolated.

Mitigated: The security risk is mitigated by being blocked or dropped.

(Blank): Other scenarios.

FortiAnalyzer_7.0_Study_Guide-Online pag. 189.

FortiAnalyzer_7.0_Study_Guide-Online.pdf page 189: Review the hardware requirements before you enable a management extension application. Some of them require a minimum amount of memory or a minimum number of CPU cores.

Question #5

What can you do on FortiAnalyzer to restrict administrative access from specific locations?

AConfigure trusted hosts for that administrator.

BEnable geo-location services on accessible interface.

CConfigure two-factor authentication with a remote RADIUS server.

DConfigure an ADOM for respective location.

Reveal Solution

Correct Answer: A

Unlock all NSE5_FAZ-7.0 Exam Questions with Advanced Practice Test Features:

Select Question Types you want
Set your Desired Pass Percentage
Allocate Time (Hours : Minutes)
Create Multiple Practice tests with Limited Questions
Customer Support

Get Full Access Now

Disscuss Fortinet NSE5_FAZ-7.0 Topics, Questions or Ask Anything Related

Submit Cancel