NSE5_FAZ-7.0 PDF Question Set: Questions Recently Updated on December 19, 2023 [Q14-Q30]


Question # 14
Refer to the exhibits.


How many events will be added to the incident created after running this playbook?

  • A. Ten events will be added.
  • B. Thirteen events will be added.
  • C. Five events will be added.
  • D. No events will be added.

Correct answer: C


Question # 15
FortiAnalyzer reports are dropping analytical data from 15 days ago, even though the data policy setting for analytics logs is 60 days.
What is the most likely problem?

  • A. Logs are rolling before the report is run
  • B. Quota enforcement is acting on analytical data before a report is complete
  • C. CPU resources are too high
  • D. Disk utilization for archive logs is set for 15 days

Correct answer: A


Question # 16
You are using RAID with a FortiAnalyzer that supports software RAID, and one of the hard disks on FortiAnalyzer has failed.
What is the recommended method to replace the disk?

  • A. Clear all RAID alarms and replace the disk while FortiAnalyzer is still running
  • B. Perform a hot swap
  • C. Shut down FortiAnalyzer and then replace the disk
  • D. Downgrade your RAID level, replace the disk, and then upgrade your RAID level

Correct answer: C

Explanation:
https://community.fortinet.com/t5/FortiAnalyzer/Technical-Note-How-to-swap-Hard-Disk-on-FortiAnalyzer/ta-p/194997?externalID=FD41397#:~:text=If%20a%20hard%20disk%20on,process%20known%20as%20hot%20swapping


Question # 17
Which daemon is responsible for enforcing the log file size?

  • A. ofrpd
  • B. logfiled
  • C. miglogd
  • D. sqlplugind

Correct answer: B

Explanation:
FortiAnalyzer_7.0_Study_Guide-Online.pdf page 121: The logfiled process enforces the log file size and is also responsible for disk quota enforcement by monitoring the other processes.


Question # 18
For which two purposes would you use the command set log checksum? (Choose two.)

  • A. To send an identical set of logs to a second logging server
  • B. To help protect against man-in-the-middle attacks during log upload from FortiAnalyzer to an SFTP server
  • C. To encrypt log communications
  • D. To prevent log modification or tampering

Correct answer: B, D

Explanation:
To prevent logs from being tampered with while in storage, you can add a log checksum using the config system global command. You can configure FortiAnalyzer to record a log file hash value, timestamp, and authentication code when the log is rolled and archived and when the log is uploaded (if that feature is enabled). This can also help against man-in-the-middle attacks, but only for the transmission from FortiAnalyzer to an SSH File Transfer Protocol (SFTP) server during log upload.
FortiAnalyzer_7.0_Study_Guide-Online page 149


Question # 19
If you upgrade your FortiAnalyzer firmware, what report elements can be affected?

  • A. Output profiles
  • B. Report scheduling
  • C. Custom datasets
  • D. Report settings

Correct answer: C


Question # 20
Which statements are true regarding securing communications between FortiAnalyzer and FortiGate with IPsec? (Choose two.)

  • A. Must establish an IPsec tunnel ID and pre-shared key.
  • B. IPsec cannot be enabled if SSL is enabled as well.
  • C. IPsec is only enabled through the CLI on FortiAnalyzer.
  • D. Must configure the FortiAnalyzer end of the tunnel only--the FortiGate end is auto-negotiated.

Correct answer: B


Question # 21
Refer to the exhibits.


How many events will be added to the incident created after running this playbook?

  • A. Five events will be added.
  • B. Thirteen events will be added.
  • C. Ten events will be added.
  • D. No events will be added.

Correct answer: C


Question # 22
What is the main purpose of using an NTP server on FortiAnalyzer and all of its registered devices?

  • A. Log correlation
  • B. Log collection
  • C. Host name resolution
  • D. Real-time forwarding

Correct answer: A


Question # 23
If a hard disk fails on a FortiAnalyzer that supports software RAID, what should you do to bring the FortiAnalyzer back to functioning normally, without losing data?

  • A. Replace the disk and rebuild the RAID manually
  • B. Shut down FortiAnalyzer and replace the disk
  • C. Hot swap the disk
  • D. Take no action if the RAID level supports a failed disk

Correct answer: B

Explanation:
https://kb.fortinet.com/kb/documentLink.do?externalID=FD46446#:~:text=On%20FortiAnalyzer%2FFortiManager%20devices%20that,to%20exchanging%20the%20hard%20disk.
If a hard disk on a FortiAnalyzer unit fails, it must be replaced. On FortiAnalyzer devices that support hardware RAID, the hard disk can be replaced while the unit is still running, which is known as hot swapping. On FortiAnalyzer units with software RAID, the device must be shut down prior to exchanging the hard disk.


Question # 24
A playbook contains five tasks in total. An administrator executed the playbook and four out of five tasks finished successfully, but one task failed. What will be the status of the playbook after its execution?

  • A. Running
  • B. Success
  • C. Upstream_failed
  • D. Failed

Correct answer: D

Explanation:
Playbook jobs that include one or more failed tasks are labeled as Failed in Playbook Monitor. A failed status, however, does not mean that all tasks failed. Some individual actions may have been completed successfully.
FortiAnalyzer_7.0_Study Guide page No: 247


Question # 25
For which two SAML roles can the FortiAnalyzer be configured? (Choose two.)

  • A. Identity provider
  • B. Service provider
  • C. Identity collector
  • D. Principal

Correct answer: A, B

Explanation:
Reference:
https://docs.fortinet.com/document/fortianalyzer/6.2.0/administration-guide/981386/saml-admin-authentication


Question # 26
You created a playbook on FortiAnalyzer that uses a FortiOS connector.
When configuring the FortiGate side, which type of trigger must be used so that the actions in an automation stitch are available in the FortiOS connector?

  • A. FortiAnalyzer Event Handler
  • B. Fabric Connector event
  • C. Incoming webhook
  • D. FortiOS Event Log

Correct answer: C

Explanation:
"One possible scenario is shown on the slide:
1. Traffic flows through the FortiGate
2. FortiGate sends logs to FortiAnalyzer
3. FortiAnalyzer detects some suspicious traffic and generates an event
4. The event triggers the execution of a playbook in FortiAnalyzer, which sends a webhook call to FortiGate so that it runs an automation stitch
5. FortiGate runs the automation stitch with the corrective or preventive actions"
FortiAnalyzer_7.0_Study_Guide-Online page 228
In order to see the actions related to the FOS connector, you must enable an automation rule using the Incoming Webhook Call trigger on the FortiGate side.
FortiAnalyzer_7.0_Study Guide page no 233


Question # 27
Which two actions should an administrator take to view Compromised Hosts on FortiAnalyzer? (Choose two.)

  • A. Enable web filtering in firewall policies on FortiGate devices, and make sure these logs are sent to FortiAnalyzer.
  • B. Make sure all endpoints are reachable by FortiAnalyzer.
  • C. Subscribe FortiAnalyzer to FortiGuard to keep its local threat database up to date.
  • D. Enable device detection on an interface on the FortiGate devices that are connected to the FortiAnalyzer device.

Correct answer: A, C

Explanation:
In order to configure IOC, you require the following:
* A one-year subscription to IOC. Note that FortiAnalyzer does include an evaluation license, but it is restrictive and only meant to give you an idea of how the feature works.
* A web filter services subscription on FortiGate device(s)
* Web filter policies on FortiGate device(s) that send traffic to FortiAnalyzer
Compromised Hosts or Indicators of Compromise service (IOC) is a licensed feature.
To view Compromised Hosts, you must turn on the UTM web filter of FortiGate devices and subscribe your FortiAnalyzer unit to FortiGuard to keep its local threat database synchronized with the FortiGuard threat database. See Subscribing FortiAnalyzer to FortiGuard.
Ref: https://docs.fortinet.com/document/fortianalyzer/6.4.0/administration-guide/137635/viewing-compromised-hosts


Question # 28
You created a playbook on FortiAnalyzer that uses a FortiOS connector.
When configuring the FortiGate side, which type of trigger must be used so that the actions in an automation stitch are available in the FortiOS connector?

  • A. Incoming webhook
  • B. FortiAnalyzer Event Handler
  • C. FortiOS Event Log
  • D. Fabric Connector event

Correct answer: D


Question # 29
Refer to the exhibit.

The exhibit shows "remoteservergroup" is an authentication server group with LDAP and RADIUS servers.
Which two statements express the significance of enabling "Match all users on remote server" when configuring a new administrator? (Choose two.)

  • A. Administrator can log in to FortiAnalyzer using their credentials on remote servers LDAP and RADIUS.
  • B. It creates a wildcard administrator using LDAP and RADIUS servers.
  • C. It allows administrators to use two-factor authentication.
  • D. User remoteadmin from LDAP and RADIUS servers will be able to log in to FortiAnalyzer at any time.

Correct answer: A, B


Question # 30
......
