準備できるNSE5_FAZ-7.2問題解答は無料更新されて100%試験合格保証 [2023]
問題集リアルなFortinet NSE5_FAZ-7.2試験問題 [更新されたのは2023年]
Fortinet NSE5_FAZ-7.2認定試験の準備をするために、候補者はFortinetが提供するトレーニングとリソースを活用できます。これらには、オンラインコース、学習ガイド、練習試験が含まれます。適切な準備をすれば、候補者は試験に合格し、Fortinet NSE5_FAZ-7.2認定を獲得し、ネットワークセキュリティのキャリア成長のための新しい機会を開きます。
Fortinet NSE5_FAZ-7.2 認定試験は、FortiAnalyzer を扱うサイバーセキュリティのプロフェッショナルが、このテクノロジを使ったセキュリティ関連のデータの監視と分析に対する専門知識を証明することを目的としています。この認定試験は、ネットワーク管理者、セキュリティアナリスト、および他の IT プロフェッショナルがサイバーセキュリティに関するスキルや知識を向上させたい場合にも適しています。
質問 # 64
What is the purpose of output variables?
- A. To store playbook execution statistics
- B. To display details of the connectors used by a playbook
- C. To use the output of the previous task as the input of the current task
- D. To save all the task settings when a playbook is exported
正解:C
解説:
FortiAnalyzer_7.0_Study_Guide-Online.pdf page 242: Output variables allow you to use the output from a preceding task as an input to the current task.
"Output variables allow you to use the output from a preceding task as an input to the current task." FortiAnalyzer_7.0_Study_Guide-Online page 242
質問 # 65
Which statements are true of Administrative Domains (ADOMs) in FortiAnalyzer? (Choose two.)
- A. ADOMs are enabled by default.
- B. All administrators can create ADOMs--not just the admin administrator.
- C. ADOMs constrain other administrator's access privileges to a subset of devices in the device list.
- D. Once enabled, the Device Manager, FortiView, Event Management, and Reports tab display per ADOM.
正解:C、D
質問 # 66
Refer to the exhibit.
Which two statements are true regarding enabling auto-cache on FortiAnalyzer? (Choose two.)
- A. This feature is automatically enabled for scheduled reports.
- B. Reports will be cached in the memory.
- C. Report size will be optimized to conserve disk space on FortiAnalyzer.
- D. Enabling auto-cache reduces report generation time for reports that require a long time to assemble datasets.
正解:A、D
解説:
"Enable auto-cache in the report settings to boost the reporting performance and reduce report generation time. Scheduled reports have auto-cache enabled already." FortiAnalyzer_7.0_Study_Guide-Online page 306
質問 # 67
Refer to the exhibit.
What does the data point at 14:55 tell you?
- A. Logs are being dropped
- B. Raw logs are reaching FortiAnalyzer faster than they can be indexed
- C. The received rate is almost at its maximum for this device
- D. The sqlplugind daemon is behind in log indexing by two logs
正解:B
質問 # 68
What FortiView tool can you use to automatically build a dataset and chart based on a filtered search result?
- A. Export to Report Chart
- B. Custom View
- C. Dataset Library
- D. Chart Builder
正解:A
質問 # 69
Refer to the exhibit.
Laptop1 is used by several administrators to manage FortiAnalyzer. You want to configure a generic text filter that matches all login attempts to the web interface generated by any user other than "admin", and coming from Laptop1.
Which filter will achieve the desired result?
- A. operation-login & performed_on=="GUI(10.1.1.100)" & user!=admin
- B. operation-login & srcip==10.1.1.100 & dstip==10.1.1.210 & user==admin
- C. operation-login & performed_on=="GUI(10.1.1.210)" & user!=admin
- D. operation-login & dstip==10.1.1.210 & user!-admin
正解:A
質問 # 70
Refer to the exhibit.
The exhibit shows "remoteservergroup" is an authentication server group with LDAP and RADIUS servers.
Which two statements express the significance of enabling "Match all users on remote server" when configuring a new administrator? (Choose two.)
- A. It creates a wildcard administrator using LDAP and RADIUS servers.
- B. Use remoteadmin from LDAP and RADIUS servers will be able to log in to FortiAnalyzer at anytime.
- C. Administrator can log in to FortiAnalyzer using their credentials on remote servers LDAP and RADIUS.
- D. It allows administrators to use two-factor authentication.
正解:A、C
質問 # 71
Which two methods are the most common methods to control and restrict administrative access on FortiAnalyzer? (Choose two.)
- A. Administrative access profiles
- B. Virtual domains
- C. Security Fabric
- D. Trusted hosts
正解:A、D
解説:
Reference:
https://docs2.fortinet.com/document/fortianalyzer/6.0.0/administration-guide/581222/trusted-hosts
質問 # 72
FortiAnalyzer centralizes which functions? (Choose three)
- A. Network analysis
- B. Vulnerability assessment
- C. Security log analysis / forensics
- D. Content archiving / data mining
- E. Graphical reporting
正解:C、D、E
質問 # 73
What remote authentication servers can you configure to validate your FortiAnalyzer administrator logons? (Choose three)
- A. RADIUS
- B. TACACS+
- C. PKI
- D. Local
- E. LDAP
正解:A、B、E
質問 # 74
Which two of the following must you configure on FortiAnalyzer to email a FortiAnalyzer report externally?
(Choose two.)
- A. Mail server
- B. Output profile
- C. Report scheduling
- D. SFTP server
正解:A、B
質問 # 75
Refer to the exhibits.

How many events will be added to the incident created after running this playbook?
- A. No events will be added.
- B. Thirteen events will be added.
- C. Five events will be added.
- D. Ten events will be added.
正解:D
質問 # 76
Which FortiAnalyzer feature allows you to retrieve the archived logs matching a specific timeframe from another FortiAnalyzer device?
- A. Log fetching
- B. Indicators of Compromise
- C. Log forwarding an aggregation mode
- D. Log upload
正解:A
解説:
https://docs.fortinet.com/document/fortianalyzer/6.2.0/administration-guide/651442/fetcher-management
質問 # 77
What is the purpose of a predefined template on the FortiAnalyzer?
- A. It contains predefined data to generate mock reports
- B. It specifies the report layout which contains predefined texts, charts, and macros
- C. It can be edited and modified as required
- D. It specifies report settings which contains time period, device selection, and schedule
正解:B
解説:
Reference:
2300_Reports/0010_Predefined_reports.htm#:~:text=FortiAnalyzer%20includes%20a%20number%
20of,create%20and%2For%20build%20reports.&text=A%20template%20populates%20the%20Layout,that%
20is%20to%20be%20created.
https://help.fortinet.com/fa/faz50hlp/56/5-6-2/FMG-FAZ/2300_Reports/0010_Predefined_reports.htm
質問 # 78
Which two statement are true regardless initial Logs sync and Log Data Sync for Ha on FortiAnalyzer?
- A. When Logs Data Sync is turned on, the backup device will reboot and then rebuilt the log database with the synchronized logs.
- B. Log Data Sync provides real-time log synchronization to all backup devices.
- C. With initial Logs Sync, when you add a unit to an HA cluster, the primary device synchronizes its logs with the backup device.
- D. By default, Log Data Sync is disabled on all backup devise.
正解:A、C
質問 # 79
What must you consider when using log fetching? (Choose two.)
- A. The archive logs retrieved from the server become archive logs in the client.
- B. You can use filters to include only logs from a single device.
- C. The fetch client can retrieve logs from devices that are not added to its local Device Manager
- D. The fetching profile must include a user with the Super_User profile.
正解:B、D
質問 # 80
What can the CLI command # diagnose test application oftpd 3 help you to determine?
- A. What ADOMs are enabled and configured
- B. What devices are registered and unregistered
- C. What logs, if any, are reaching FortiAnalyzer
- D. What devices and IP addresses are connecting to FortiAnalyzer
正解:D
解説:
https://docs.fortinet.com/document/fortianalyzer/6.2.5/cli-reference/395556/test#test_application
質問 # 81
Which statement is true about sending notifications with incident updates?
- A. If you use multiple fabric connectors, all connectors must have the same notification settings
- B. Notifications can be sent only when an incident is updated or deleted.
- C. You can send notifications to multiple external platforms
- D. Notifications can be sent only by email.
正解:C
解説:
You can add more than one fabric connector, each with the same or different notification settings. The receiving side of the connector must be configured for the notifications to be sent successfully.
FortiAnalyzer_7.0_Study_Guide-Online.pdf page 34: Fabric connectors also enable FortiAnalyzer to send notifications to ITSM platforms when a new incident is created or for any subsequent updates.
質問 # 82
Consider the CLI command:
What is the purpose of the command?
- A. To add a unique tag to each log to prove that it came from this FortiAnalyzer
- B. To encrypt log communications
- C. To add a log file checksum
- D. To add the MD5 hash value and authentication code
正解:C
解説:
https://docs.fortinet.com/document/fortianalyzer/6.2.5/cli-reference/849211/global
質問 # 83
What is the purpose of using prefilters when configuring event handlers?
- A. They limit which logs are checked for matches by the other filters.
- B. They can filter the logs before they are processed by FortiAnalyzer
- C. They are common filters applied simultaneously to all event handlers.
- D. They download new filters to be used in event handlers.
正解:A
質問 # 84
......
NSE5_FAZ-7.2試験問題集、NSE5_FAZ-7.2練習テスト問題:https://jp.fast2test.com/NSE5_FAZ-7.2-premium-file.html