The NSE5_FAZ-7.2 Fortinet NSE 5 - FortiAnalyzer Analyst 7.2 exam has recently been released as a replacement for the retired NSE5_FAZ-7.0 exam. This means that individuals who were previously preparing for the NSE5_FAZ-7.0 exam will need to switch their focus to the new exam. In order to prepare for this new exam, Passcert has recently released their Fortinet NSE 5 - FortiAnalyzer Analyst 7.2 NSE5_FAZ-7.2 Dumps which cover all of the exam objectives and are designed to help individuals best prepare for their upcoming exam. With the help of these Fortinet NSE 5 - FortiAnalyzer Analyst 7.2 NSE5_FAZ-7.2 Dumps, individuals can rest assured that they will be well-prepared and will have a higher chance of passing their exam on the first try. Don't miss out on this opportunity to improve your exam preparation and increase your chances of success!

The Fortinet NSE 5 - FortiAnalyzer Analyst 7.2 exam is part of the NSE 5 Network Security Analyst program, and evaluates your knowledge of, and expertise in, FortiAnalyzer devices. The exam tests your applied knowledge of FortiAnalyzer operation from the security analyst point of view, including tasks such as

log analysis, event management, incidents and reports, and automation with playbooks.

The Fortinet NSE 5—FortiAnalyzer Analyst 7.2 exam is intended for network and security analysts who are responsible for Fortinet Security Fabric analytics and automating tasks to detect and respond to cyberattacks using FortiAnalyzer.

Exam name: Fortinet NSE 5 - FortiAnalyzer Analyst 7.2

Exam series: NSE5_FAZ-7.2

Time allowed: 60 minutes

Exam questions: 30 multiple-choice questions

Scoring Pass or fail. A score report is available from your Pearson VUE account

Language: English and Japanese

Product version: FortiOS 7.2.1, FortiAnalyzer 7.2.1

Successful candidates have applied knowledge and skills in the following areas and tasks:

Describe FortiAnalyzer concepts

Analyze logs

Describe log fetching

Gather log statistics

Manage events and event handlers

Manage incidents

Explain SOC features on FortiAnalyzer

Manage reports

Troubleshoot reports

Explain playbook components

Create and manage playbooks

1. FortiAnalyzer centralizes which functions? (Choose three)

A.Network analysis

B.Graphical reporting

C.Content archiving / data mining

D.Vulnerability assessment

E.Security log analysis / forensics

Answer: B, C, E

2. What is the purpose of a dataset query in FortiAnalyzer?

A.It sorts log data into tables

B.It extracts the database schema

C.It retrieves log data from the database

D.It injects log data into the database

Answer: C

3. Which two settings must you configure on FortiAnalyzer to allow non-local administrators to authenticate to FortiAnalyzer with any user account in a single LDAP group? (Choose two.)

A.A local wildcard administrator account

B.A remote LDAP server

C.A trusted host profile that restricts access to the LDAP group

D.An administrator group

Answer: A, B

4. Which two actions should an administrator take to view Compromised Hosts on FortiAnalyzer? (Choose two.)

A.Enable web filtering in firewall policies on FortiGate devices, and make sure these logs are sent to FortiAnalyzer.

B.Make sure all endpoints are reachable by FortiAnalyzer.

C.Enable device detection on an interface on the FortiGate devices that are connected to the FortiAnalyzer device.

D.Subscribe FortiAnalyzer to FortiGuard to keep its local threat database up to date.

Answer: A, D

5. Which item must you configure on FortiAnalyzer to email generated reports automatically?

A.Output profile

B.Report scheduling

C.SFTP server

D.SNMP server

Answer: A

6. A rogue administrator was accessing FortiAnalyzer without permission, and you are tasked to see what activity was performed by that rogue administrator on FortiAnalyzer.

What can you do on FortiAnalyzer to accomplish this?

A.Click FortiView and generate a report for that administrator.

B.Click Task Monitor and view the tasks performed by that administrator.

C.Click Log View and generate a report for that administrator.

D.View the tasks performed by the rogue administrator in Fabric View.

Answer: B

7. On FortiAnalyzer, what is a wildcard administrator account?

A.An account that permits access to members of an LDAP group

B.An account that allows guest access with read-only privileges

C.An account that requires two-factor authentication

D.An account that validates against any user account on a FortiAuthenticator

Answer: A

8. What is the purpose of a predefined template on the FortiAnalyzer?

A.It can be edited and modified as required

B.It specifies the report layout which contains predefined texts, charts, and macros

C.It specifies report settings which contains time period, device selection, and schedule

D.It contains predefined data to generate mock reports

Answer: B