Question 31

If the primary FortiAnalyzer in an HA cluster fails, how is the new primary elected?

Correct Answer:D
In the case of a primary device failure, FortiAnalyzer HA uses the following rules to select a new primary:
• All cluster devices are assigned a priority from 80 to 120. The default priority is 100. If the primary device becomes unavailable, the device with the highest priority is selected as the new primary device. For example, a device with a priority of 110 is selected over a device with a priority of 100.
• If multiple devices have the same priority, the device whose primary IP address has the greatest value is selected as the new primary device. For example, 123.45.67.124 is selected over 123.45.67.123.
• If a new device with a higher priority or a greater value IP address joins the cluster, the new device does not replace (or pre-empt) the current primary device automatically.
FortiAnalyzer_7.0_Study_Guide-Online page 62

Question 32

Why should you use an NTP server on FortiAnalyzer and all registered devices that log into FortiAnalyzer?

Correct Answer:A
NSE5_FAZ-7.2 dumps exhibit

Question 33

Which log will generate an event with the status Contained?

Correct Answer:C

Question 34

What are two of the key features of FortiAnalyzer? (Choose two.)

Correct Answer:AC

Question 35

Which daemon is responsible for enforcing the log file size?

Correct Answer:B
FortiAnalyzer_7.0_Study_Guide-Online.pdf page 121: The logfiled process enforces the log file size and is also responsible for disk quota enforcement by monitoring the other processes.

Question 36

Which statement is true regarding Macros on FortiAnalyzer?

Correct Answer:A
FortiAnalyzer_7.0_Study_Guide-Online.pdf page 283: Note that macros are ADOM-specific and supported in FortiGate and FortiCarrier ADOMs only.

START NSE5_FAZ-7.2 EXAM