Free NSE5_FAZ-7.2 Sample Questions — FortiAnalyzer 7.2 Analyst

Which two statements are true regarding log fetching on FortiAnalyzer? (Choose two.)

• A. Log fetching allows the administrator to fetch analytics logs from another FortiAnalyzer for redundancy
• B. Log fetching allows the administrator to run queries and reports against historical data by retrieving archived logs from one FortiAnalyzer device and sending them to another FortiAnalyzer device
• C. FortiAnalyzer device can perform either the fetch server or client role, and it can perform two roles at the same time with the same FortiAnalyzer devices at the other end
• D. Log fetching can be done only on two FortiAnalyzer devices that are running the same firmware version

Which statement about the FortiSOAR management extension is correct?

• A. It requires a FortiManager configured to manage FortiGate
• B. It requires a dedicated FortiSOAR device or VM
• C. It does not include a limited trial by default
• D. It runs as a docker container on FortiAnalyzer

You created a playbook on FortiAnalyzer that uses a FortiOS connector. When configuring the FortiGate side, which type of trigger must be used so that the actions in an automation stitch are available in the FortiOS connector?

• A. FortiAnalyzer Event Handler
• B. Incoming webhook
• C. Fabric Connector event
• D. FortiOS Event Log

Which statement about the FortiSIEM management extension is correct?

• A. Allows you to manage the entire life cycle of a threat or breach
• B. Its use of the available disk space is capped at 50%
• C. It requires a licensed FortiSIEM supervisor
• D. It can be installed as a dedicated VM

Which FortiAnalyzer feature allows you to use a proactive approach when managing your network security?

• A. Outbreak alert services
• B. FortiView Monitor
• C. Threat hunting
• D. Incidents dashboard

Which statement correctly describes the management extensions available on FortiAnalyzer?

• A. Management extensions allow FortiAnalyzer to act as a FortiSIEM supervisor
• B. Management extensions may require a minimum number of CPU cores to run
• C. Management extensions require a dedicated VM for best performance
• D. Management extensions do not require additional licenses

Which SQL query is in the correct order to query the database in the FortiAnalyzer?

• A. FROM $log WHERE 'user'='USER1' SELECT devid GROUP BY devid
• B. SELECT devid FROM $log GROUP BY devid WHERE 'user'='USER1'
• C. SELECT devid FROM $log WHERE 'user'='USER1' GROUP BY devid
• D. SELECT devid WHERE 'user'='USER1' FROM $log GROUP BY devid

In Log View, you can use the Chart Builder feature to build a dataset and chart based on the filtered search results. Similarly, which feature can you use for FortiView?

• A. Export to Chart Library
• B. Export to Custom Chart
• C. Export to Chart Builder
• D. Export to Report Chart

Which item must you configure on FortiAnalyzer to email generated reports automatically?

• A. Output profile
• B. Report scheduling
• C. SFTP server
• D. SNMP server

What are two benefits of using fabric connectors? (Choose two.)

• A. They allow FortiAnalyzer to send logs in real-time to public cloud accounts
• B. You do not need an additional license to send logs to the cloud platform
• C. Fabric connectors allow you to improve redundancy
• D. Using fabric connectors is more efficient than using third-party polling with API