Summer Special 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: bestdeal

Free Fortinet NSE5_FAZ-7.2 Practice Exam with Questions & Answers | Set: 4

Questions 31

A rogue administrator was accessing FortiAnalyzer without permission, and you are tasked to see what activity was performed by that rogue administrator on FortiAnalyzer.

What can you do on FortiAnalyzer to accomplish this?

Options:
A.

Click FortiView and generate a report for that administrator.

B.

Click Task Monitor and view the tasks performed by that administrator.

C.

Click Log View and generate a report for that administrator.

D.

View the tasks performed by the rogue administrator in Fabric View.

Fortinet NSE5_FAZ-7.2 Premium Access
Questions 32

Which two elements are contained in a system backup created on FortiAnalyzer? (Choose two.)

Options:
A.

System information

B.

Logs from registered devices

C.

Report information

D.

Database snapshot

Questions 33

In the FortiAnalyzer FortiView, source and destination IP addresses from FortiGate devices arenotresolving to a hostname.

How can you resolve the source and destination IP addresses, without introducing any additional performance impact to FortiAnalyzer?

Options:
A.

Resolve IP addresses on a per-ADOM basis to reduce delay on FortiView while IPs resolve

B.

Configure# set resolve-ip enablein the system FortiView settings

C.

Configure local DNS servers on FortiAnalyzer

D.

Resolve IP addresses on FortiGate

Questions 34

Which statements are true regarding securing communications between FortiAnalyzer and FortiGate with IPsec? (Choose two.)

Options:
A.

Must configure the FortiAnalyzer end of the tunnel only--the FortiGate end is auto-negotiated.

B.

Must establish an IPsec tunnel ID and pre-shared key.

C.

IPsec cannot be enabled if SSL is enabled as well.

D.

IPsec is only enabled through the CLI on FortiAnalyzer.

Questions 35

FortiAnalyzer centralizes which functions? (Choose three)

Options:
A.

Network analysis

B.

Graphical reporting

C.

Content archiving / data mining

D.

Vulnerability assessment

E.

Security log analysis / forensics

Questions 36

The admin administrator is failing to register a FortiClient EMS on the FortiAnalyzer device.

What can be the reason for this failure?

Options:
A.

FortiAnalyzer is in an HA cluster.

B.

ADOM mode should be set to advanced, in order to register the FortiClient EMS device.

C.

ADOMs are not enabled on FortiAnalyzer.

D.

A separate license is required on FortiAnalyzer in order to register the FortiClient EMS device.

Questions 37

What statements are true regarding disk log quota? (Choose two)

Options:
A.

The FortiAnalyzer stops logging once the disk log quota is met.

B.

The FortiAnalyzer automatically sets the disk log quota based on the device.

C.

The FortiAnalyzer can overwrite the oldest logs or stop logging once the disk log quota is met.

D.

The FortiAnalyzer disk log quota is configurable, but has a minimum o 100mb a maximum based on the reserved system space.

Questions 38

What happens when the IOC breach detection engine on FortiAnalyzer finds web logs that match a blocklisted IP address?

Options:
A.

The endpoint is marked as Compromised and. optionally, can be put in quarantine.

B.

FortiAnalyzer flags the associated host for further analysis.

C.

A new Infected entry is added for the corresponding endpoint.

D.

The detection engine classifies those logs as Suspicious

Questions 39

Refer to the exhibit.

NSE5_FAZ-7.2 Question 39

Based on the partial outputs displayed, which devices can be members of a FortiAnalyzer Fabric?

Options:
A.

FortiAnalyzerl and FortiAnalyzer3

B.

FortiAnalyzer1 and FortiAnalyzer2

C.

All devices listed can be members

D.

FortiAnalyzer2 and FortiAnalyzer3

Questions 40

How are logs forwarded when FortiAnalyzer is using aggregation mode?

Options:
A.

Logs are forwarded as they are received and content files are uploaded at a scheduled time.

B.

Logs and content files are stored and uploaded at a scheduled time.

C.

Logs are forwarded as they are received.

D.

Logs and content files are forwarded as they are received.

Exam Code: NSE5_FAZ-7.2
Certification Provider: Fortinet
Exam Name: Fortinet NSE 5 - FortiAnalyzer 7.2
Last Update: Jul 11, 2025
Questions: 137

Fortinet Related Exams

How to pass Fortinet NSE5_FCT-7.0 - NSE5_FCT-7.0 NSE 5 - FortiClient EMS 7.0 Exam
How to pass Fortinet NSE5_EDR-5.0 - Fortinet NSE 5 - FortiEDR 5.0 Exam Exam
How to pass Fortinet NSE5_FSM-6.3 - Fortinet NSE 5 - FortiSIEM 6.3 Exam
How to pass Fortinet NSE5_FMG-7.2 - Fortinet NSE 5 - FortiManager 7.2 Exam
FCP_FGT_AD-7.4 - FCP - FortiGate 7.4 Administrator
NSE6_FSR-7.0 - Fortinet NSE 6 - FortiSOAR 7.0 Administrator
FCP_FMG_AD-7.6 - FCP - FortiManager 7.6 Administrator
NSE7_EFW-7.2 - Fortinet NSE 7 - Enterprise Firewall 7.2
FCP_FCT_AD-7.2 - FCP-FortiClient EMS 7.2 Administrator
NSE6_FWF-6.4 - Fortinet NSE 6 - Secure Wireless LAN 6.4
NSE6_FSW-6.4 - Fortinet NSE 6 - FortiSwitch 6.4
FCP_FSM_AN-7.2 - FCP - FortiSIEM 7.2 Analyst
FCSS_CDS_AR-7.6 - FCSS - Public Cloud Security 7.6 Architect
FCSS_SASE_AD-24 - FCSS - FortiSASE 24 Administrator
NSE6_FNC-9.1 - Fortinet NSE 6 - FortiNAC 9.1
Fortinet Free Access
Get Fortinet Full Access

Fortinet Free Exams
Fortinet Free Exams
Access free Fortinet exam study guides and practice tests at Examstrack. Ensure your success with top-notch preparation resources at Examstrack.