Fortinet NSE5_FAZ-7.0 Online Practice
Questions and Exam Preparation
NSE5_FAZ-7.0 Exam Details
Exam Code
:NSE5_FAZ-7.0
Exam Name
:Fortinet NSE 5 - FortiAnalyzer 7.0
Certification
:Fortinet Certifications
Vendor
:Fortinet
Total Questions
:114 Q&As
Last Updated
:May 29, 2026
Fortinet NSE5_FAZ-7.0 Online Questions &
Answers
Question 71:
Which statements are true regarding securing communications between FortiAnalyzer and FortiGate with SSL? (Choose two.)
A. SSL is the default setting. B. SSL communications are auto-negotiated between the two devices. C. SSL can send logs in real-time only. D. SSL encryption levels are globally set on FortiAnalyzer. E. FortiAnalyzer encryption level must be equal to, or higher than, FortiGate.
A. SSL is the default setting. D. SSL encryption levels are globally set on FortiAnalyzer.
Question 72:
What is the recommended method of expanding disk space on a FortiAnalyzer VM?
A. From the VM host manager, add an additional virtual disk and use the #execute lvm extend command to expand the storage B. From the VM host manager, expand the size of the existing virtual disk C. From the VM host manager, expand the size of the existing virtual disk and use the # execute format disk command to reformat the disk D. From the VM host manager, add an additional virtual disk and rebuild your RAID array
A. From the VM host manager, add an additional virtual disk and use the #execute lvm extend command to expand the storage
What statements are true regarding FortiAnalyzer 's treatment of high availability (HA) dusters? (Choose two)
A. FortiAnalyzer distinguishes different devices by their serial number. B. FortiAnalyzer receives logs from d devices in a duster. C. FortiAnalyzer receives bgs only from the primary device in the cluster. D. FortiAnalyzer only needs to know (he serial number of the primary device in the cluster-it automaticaly discovers the other devices.
A. FortiAnalyzer distinguishes different devices by their serial number. B. FortiAnalyzer receives logs from d devices in a duster.
Question 74:
Why should you use an NTP server on FortiAnalyzer and all registered devices that log into FortiAnalyzer?
A. To properly correlate logs B. To use real-time forwarding C. To resolve host names D. To improve DNS response times
A. To properly correlate logs
Study Guide 7.0 page 30: Synchronize the time on FortiAnalyzer and all Registered devices wit han NTP server for correct log correlation.
Question 75:
Which statements are true of Administrative Domains (ADOMs) in FortiAnalyzer? (Choose two.)
A. ADOMs are enabled by default. B. ADOMs constrain other administrator's access privileges to a subset of devices in the device list. C. Once enabled, the Device Manager, FortiView, Event Management, and Reports tab display per ADOM. D. All administrators can create ADOMs--not just the admin administrator.
B. ADOMs constrain other administrator's access privileges to a subset of devices in the device list. C. Once enabled, the Device Manager, FortiView, Event Management, and Reports tab display per ADOM.
Question 76:
FortiAnalyzer centralizes which functions? (Choose three)
A. Network analysis B. Graphical reporting C. Content archiving / data mining D. Vulnerability assessment E. Security log analysis / forensics
B. Graphical reporting C. Content archiving / data mining E. Security log analysis / forensics
Question 77:
What happens when a log file saved on FortiAnalyzer disks reaches the size specified in the device log settings?
A. The log file is stored as a raw log and is available for analytic support. B. The log file rolls over and is archived. C. The log file is purged from the database. D. The log file is overwritten.
You've moved a registered logging device out of one ADOM and into a new ADOM. What happens when you rebuild the new ADOM database?
A. FortiAnalyzer resets the disk quota of the new ADOM to default. B. FortiAnalyzer migrates archive logs to the new ADOM. C. FortiAnalyzer migrates analytics logs to the new ADOM. D. FortiAnalyzer removes logs from the old ADOM.
C. FortiAnalyzer migrates analytics logs to the new ADOM.
When you move a device, only the archive logs (compressed logs) are migrated to the new ADOM. The analytics logs (indexed logs) stay in the old ADOM until you rebuild the database. https://kb.fortinet.com/kb/documentLink.do?externalID=FD40383
Question 79:
On the RAID management page, the disk status is listed as Initializing.
What does the status Initializing indicate about what the FortiAnalyzer is currently doing?
A. FortiAnalyzer is ensuring that the parity data of a redundant drive is valid B. FortiAnalyzer is writing data to a newly added hard drive to restore it to an optimal state C. FortiAnalyzer is writing to all of its hard drives to make the array fault tolerant D. FortiAnalyzer is functioning normally
C. FortiAnalyzer is writing to all of its hard drives to make the array fault tolerant
Which statement is true about sending notifications with incident updates?
A. Notifications can be sent only when an incident is updated or deleted. B. If you use multiple fabric connectors, all connectors must have the same notification settings C. Notifications can be sent only by email. D. You can send notifications to multiple external platforms
D. You can send notifications to multiple external platforms
Nowadays, the certification exams become more and more important and required by more and more
enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare
for the exam in a short time with less efforts? How to get a ideal result and how to find the
most reliable resources? Here on Vcedump.com, you will find all the answers.
Vcedump.com provide not only Fortinet exam questions,
answers and explanations but also complete assistance on your exam preparation and certification
application. If you are confused on your NSE5_FAZ-7.0 exam preparations
and Fortinet certification application, do not hesitate to visit our
Vcedump.com to find your solutions here.