● NSE 5 - FortiAnalyzer 7.4 Analyst Exam Materials

Please note that the exam "NSE 5 - FortiAnalyzer 7.4 Analyst" is no longer offered by Fortinet and is not available for booking through Pearson VUE, so we have opened it for free viewing.
It has been replaced by the exam "NSE 5 - FortiAnalyzer 7.6 Analyst Exam".

Question #51

Which two statements regarding the outbreak detection service are true? (Choose two answers)

  • A. An additional license is required.
  • B. New alerts are received by email.
  • C. Outbreak alerts are available on the root ADOM only.
  • D. It automatically downloads new event handlers and reports.

Question #52

You discover that a few reports are taking a long time to generate.
Which two steps can you take to troubleshoot? (Choose two answers)

  • A. Increase the ADOM reports quota.
  • B. Review report diagnostics.
  • C. Enable auto-cache and run the reports again.
  • D. Remove old reports from the hcache.

Question #53

Which SQL query is in the correct order to query the database in the FortiAnalyzer? (Choose one answer)

  • A. SELECT devid WHERE 'user'='USER1' FROM $log GROUP BY devid
  • B. FROM $log WHERE 'user'='USER1' SELECT devid GROUP BY devid
  • C. SELECT devid FROM $log WHERE 'user'='USER1' GROUP BY devid
  • D. SELECT devid FROM $log GROUP BY devid WHERE 'user'='USER1'

Question #54

Based on the partial outputs displayed, which devices can be members of a FortiAnalyzer Fabric? (Choose one answer)

  • A. FortiAnalyzer1 and FortiAnalyzer3
  • B. FortiAnalyzer1 and FortiAnalyzer2
  • C. All devices listed can be members
  • D. FortiAnalyzer2 and FortiAnalyzer3

Question #55

Refer to the exhibits. Laptop1 is used by several administrators to manage FortiAnalyzer. You want to configure a generic text filter that matches all login attempts to the web interface generated by any user other than “admin” and coming from Laptop1.
Which filter will achieve the desired result? (Choose one answer)

  • A. operation-login & performed_on=="GUI(10.1.1.100)" & user!=admin
  • B. operation-login & srcip==10.1.1.100 & dstip==10.1.1.210 & user==admin
  • C. operation-login & dstip==10.1.1.210 & user!=admin
  • D. operation-login & performed_on=="GUI(10.1.1.210)" & user!=admin

Question #56

What is the purpose of using the Chart Builder feature on FortiAnalyzer? (Choose one answer)

  • A. To add a new chart under FortiView to be used in new reports
  • B. To build a dataset and chart automatically, based on the filtered search results
  • C. To add charts directly to generate reports in the current ADOM
  • D. To build a chart automatically based on the top 100 log entries

Question #57

Which two functions does the first layer of the FortiWeb anomaly machine learning (ML) analysis mechanism perform? (Choose two answers)

  • A. Determines whether an anomaly is a real attack or just a harmless anomaly that should be ignored
  • B. Determines a probability model behind every parameter and HTTP method passing through FortiWeb
  • C. Determines whether traffic is an anomaly, based on observable features over time
  • D. Determines if a detected threat is a false-positive or not

Question #58

Refer to the exhibit.

What can you conclude about the output? (Choose one answer)

  • A. Both messages and logs are almost finished indexing.
  • B. The output is ADOM specific.
  • C. The message rate being lower than the log rate is normal.
  • D. There are more traffic logs than event logs.