1. Home
  2. Fortinet
  3. NSE5_FAZ-6.4

Fortinet NSE 5 - FortiAnalyzer 6.4

Exam Details

  • Exam Code
    :NSE5_FAZ-6.4
  • Exam Name
    :Fortinet NSE 5 - FortiAnalyzer 6.4
  • Certification
    :Fortinet Certifications
  • Vendor
    :Fortinet
  • Total Questions
    :94 Q&As
  • Last Updated
    :Jun 12, 2025

Fortinet Fortinet Certifications NSE5_FAZ-6.4 Questions & Answers

  • Question 61:

    What is Log Insert Lag Time on FortiAnalyzer?

    A. The number of times in the logs where end users experienced slowness while accessing resources.

    B. The amount of lag time that occurs when the administrator is rebuilding the ADOM database.

    C. The amount of time that passes between the time a log was received and when it was indexed on FortiAnalyzer.

    D. The amount of time FortiAnalyzer takes to receive logs from a registered device

  • Question 62:

    Which two statement are true regardless initial Logs sync and Log Data Sync for Ha on FortiAnalyzer?

    A. By default, Log Data Sync is disabled on all backup devise.

    B. Log Data Sync provides real-time log synchronization to all backup devices.

    C. With initial Logs Sync, when you add a unit to an HA cluster, the primary device synchronizes its logs with the backup device.

    D. When Logs Data Sync is turned on, the backup device will reboot and then rebuilt the log database with the synchronized logs.

  • Question 63:

    Which two statements are true regarding log fetching on FortiAnalyzer? (Choose two.)

    A. A FortiAnalyzer device can perform either the fetch server or client role, and it can perform two roles at the same time with the same FortiAnalyzer devices at the other end.

    B. Log fetching can be done only on two FortiAnalyzer devices that are running the same firmware version.

    C. Log fetching allows the administrator to fetch analytics logs from another FortiAnalyzer for redundancy.

    D. Log fetching allows the administrator to run queries and reports against historical data by retrieving archived logs from one FortiAnalyzer device and sending them to another FortiAnalyzer device.

  • Question 64:

    A rogue administrator was accessing FortiAnalyzer without permission, and you are tasked to see what activity was performed by that rogue administrator on FortiAnalyzer.

    What can you do on FortiAnalyzer to accomplish this?

    A. Click FortiView and generate a report for that administrator.

    B. Click Task Monitor and view the tasks performed by that administrator.

    C. Click Log View and generate a report for that administrator.

    D. View the tasks performed by the rogue administrator in Fabric View.

  • Question 65:

    View the exhibit.

    Why is the total quota less than the total system storage?

    A. 3.6% of the system storage is already being used.

    B. Some space is reserved for system use, such as storage of compression files, upload files, and temporary report files

    C. The oftpd process has not archived the logs yet

    D. The logfiled process is just estimating the total quota

  • Question 66:

    Which two methods are the most common methods to control and restrict administrative access on FortiAnalyzer? (Choose two.)

    A. Virtual domains

    B. Administrative access profiles

    C. Trusted hosts

    D. Security Fabric

  • Question 67:

    Which FortiAnalyzer feature allows you to retrieve the archived logs matching a specific timeframe from another FortiAnalyzer device?

    A. Log upload

    B. Indicators of Compromise

    C. Log forwarding an aggregation mode

    D. Log fetching

  • Question 68:

    Which statements are correct regarding FortiAnalyzer reports? (Choose two)

    A. FortiAnalyzer provides the ability to create custom reports.

    B. FortiAnalyzer glows you to schedule reports to run.

    C. FortiAnalyzer includes pre-defined reports only.

    D. FortiAnalyzer allows reporting for FortiGate devices only.

  • Question 69:

    What are two advantages of setting up fabric ADOM? (Choose two.)

    A. It can be used for fast data processing and log correlation

    B. It can be used to facilitate communication between devices in same Security Fabric

    C. It can include all Fortinet devices that are part of the same Security Fabric

    D. It can include only FortiGate devices that are part of the same Security Fabric

  • Question 70:

    Which two statements are true regarding FortiAnalyzer log forwarding? (Choose two.)

    A. In aggregation mode, you can forward logs to syslog and CEF servers as well.

    B. Forwarding mode forwards logs in real time only to other FortiAnalyzer devices.

    C. Aggregation mode stores logs and content files and uploads them to another FortiAnalyzer device at a scheduled time.

    D. Both modes, forwarding and aggregation, support encryption of logs between devices.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Fortinet exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your NSE5_FAZ-6.4 exam preparations and Fortinet certification application, do not hesitate to visit our Vcedump.com to find your solutions here.