Fortinet NSE5_FAZ-6.4 Online Practice
Questions and Exam Preparation
NSE5_FAZ-6.4 Exam Details
Exam Code
:NSE5_FAZ-6.4
Exam Name
:Fortinet NSE 5 - FortiAnalyzer 6.4
Certification
:Fortinet Certifications
Vendor
:Fortinet
Total Questions
:94 Q&As
Last Updated
:Jul 12, 2026
Fortinet NSE5_FAZ-6.4 Online Questions &
Answers
Question 11:
By default, what happens when a log file reaches its maximum file size?
A. FortiAnalyzer overwrites the log files. B. FortiAnalyzer stops logging. C. FortiAnalyzer rolls the active log by renaming the file. D. FortiAnalyzer forwards logs to syslog.
C. FortiAnalyzer rolls the active log by renaming the file.
Question 12:
What are offline logs on FortiAnalyzer?
A. Compressed logs, which are also known as archive logs, are considered to be offline logs. B. When you restart FortiAnalyzer. all stored logs are considered to be offline logs. C. Logs that are indexed and stored in the SQL database. D. Logs that are collected from offline devices after they boot up.
A. Compressed logs, which are also known as archive logs, are considered to be offline logs.
Which daemon is responsible for enforcing raw log file size?
A. logfiled B. oftpd C. sqlplugind D. miglogd
A. logfiled
Question 14:
Which two settings must you configure on FortiAnalyzer to allow non-local administrators to authenticate to FortiAnalyzer with any user account in a single LDAP group? (Choose two.)
A. A local wildcard administrator account B. A remote LDAP server C. A trusted host profile that restricts access to the LDAP group D. An administrator group
A. A local wildcard administrator account B. A remote LDAP server
What is the purpose of a dataset query in FortiAnalyzer?
A. It sorts log data into tables B. It extracts the database schema C. It retrieves log data from the database D. It injects log data into the database
Why is the total quota less than the total system storage?
A. 3.6% of the system storage is already being used. B. Some space is reserved for system use, such as storage of compression files, upload files, and temporary report files C. The oftpd process has not archived the logs yet D. The logfiled process is just estimating the total quota
B. Some space is reserved for system use, such as storage of compression files, upload files, and temporary report files
An administrator has configured the following settings:
config system fortiview settings set resolve-ip enable end
What is the significance of executing this command?
A. Use this command only if the source IP addresses are not resolved on FortiGate. B. It resolves the source and destination IP addresses to a hostname in FortiView on FortiAnalyzer. C. You must configure local DNS servers on FortiGate for this command to resolve IP addresses on Forti Analyzer. D. It resolves the destination IP address to a hostname in FortiView on FortiAnalyzer.
D. It resolves the destination IP address to a hostname in FortiView on FortiAnalyzer.
A. To add a log file checksum B. To add the MD's hash value and authentication code C. To add a unique tag to each log to prove that it came from this FortiAnalyzer D. To encrypt log communications
A. The number of times in the logs where end users experienced slowness while accessing resources. B. The amount of lag time that occurs when the administrator is rebuilding the ADOM database. C. The amount of time that passes between the time a log was received and when it was indexed on FortiAnalyzer. D. The amount of time FortiAnalyzer takes to receive logs from a registered device
C. The amount of time that passes between the time a log was received and when it was indexed on FortiAnalyzer.
Question 20:
Which two statements are true regarding high availability (HA) on FortiAnalyzer? (Choose two.)
A. FortiAnalyzer HA can function without VRRP. and VRRP is required only if you have more than two FortiAnalyzer devices in a cluster. B. FortiAnalyzer HA supports synchronization of logs as well as some system and configuration settings. C. All devices in a FortiAnalyzer HA cluster must run in the same operation mode: analyzer or collector. D. FortiAnalyzer HA implementation is supported by many public cloud infrastructures such as AWS, Microsoft Azure, and Google Cloud.
B. FortiAnalyzer HA supports synchronization of logs as well as some system and configuration settings. C. All devices in a FortiAnalyzer HA cluster must run in the same operation mode: analyzer or collector.
Nowadays, the certification exams become more and more important and required by more and more
enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare
for the exam in a short time with less efforts? How to get a ideal result and how to find the
most reliable resources? Here on Vcedump.com, you will find all the answers.
Vcedump.com provide not only Fortinet exam questions,
answers and explanations but also complete assistance on your exam preparation and certification
application. If you are confused on your NSE5_FAZ-6.4 exam preparations
and Fortinet certification application, do not hesitate to visit our
Vcedump.com to find your solutions here.