nse5_faz-72

Here you have the best Fortinet nse5_faz-72 practice exam questions

You have 46 total questions to study from
Each page has 5 questions, making a total of 10 pages
You can navigate through the pages using the buttons at the bottom
This questions were last updated on November 15, 2024

Question 1 of 46

Which two statements are correct regarding the export and import of playbooks? (Choose two.)

You can import a playbook even if there is another one with the same name in the destination.

Playbooks can be exported and imported only within the same FortiAnalyzer device.

You can export only one playbook at a time.

A playbook that was disabled when it was exported will be disabled when it is imported.

Correct Answer: A, D

Playbooks can be imported even if there is another one with the same name in the destination; a new name that includes a timestamp will be created to avoid conflicts. Additionally, a playbook that was disabled when it was exported will maintain its disabled status when it is imported.

Question 2 of 46

A playbook contains five tasks in total. An administrator runs the playbook and four out of five tasks finish successfully, but one task fails.

What will be the status of the playbook after it is run?

Running

Failed

Upstream_failed

Success

Correct Answer: B

When a playbook is run, and one or more tasks fail, the overall status of the playbook is marked as Failed. This is because the success criterion for the playbook requires that all tasks complete successfully. Hence, even if only one task fails out of the total, the playbook status will be Failed.

Question 3 of 46

Which statement about the FortiSIEM management extension is correct?

Allows you to manage the entire life cycle of a threat or breach.

Its use of the available disk space is capped at 50%.

It requires a licensed FortiSIEM supervisor.

It can be installed as a dedicated VM.

Correct Answer: C

The FortiSIEM management extension requires a licensed FortiSIEM supervisor to function correctly. This is because the FortiSIEM uses centralized supervision and management, which necessitates proper licensing to coordinate and oversee operations.

Question 4 of 46

Which two statements are true regarding the outbreak detection service? (Choose two.)

New alerts are received by email.

Outbreak alerts are available on the root ADOM only.

An additional license is required.

It automatically downloads new event handlers and reports.

Correct Answer: C, D

The outbreak detection service on FortiAnalyzer is a licensed feature, which means an additional license is required to use this service. Additionally, the service automatically downloads new event handlers and reports related to outbreaks, which helps in promptly addressing the detected threats.

Question 5 of 46

What must you consider when using log fetching? (Choose two.)

The fetch client can retrieve logs from devices that are not added to its local Device Manager.

You can use filters to include only logs from a single device.

The fetching profile must include a user with the Super_User profile.

The archive logs retrieved from the server become archive logs in the client.

Correct Answer: A, B

When using log fetching, two crucial factors must be considered: First, the fetch client has the capability to retrieve logs from devices that are not yet added to its local Device Manager. This means that while it can fetch logs, the logs won't be viewable until the corresponding devices are added. Second, it is possible to use filters to include logs from a specific device. This allows for more targeted log retrieval, ensuring that only the relevant logs are fetched based on the defined criteria.