Summer Certification Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: force70

Pass the Fortinet Fortinet Certified Professional Security Operations FCP_FAZ_AN-7.6 Questions and answers with CertsForce

Viewing page 1 out of 3 pages
Viewing questions 1-10 out of questions
Questions # 1:

When managing incidents on FortiAnalyzer, what must an analyst be aware of?

Options:

A.

You can manually attach generated reports to incidents.


B.

The status of the incident is always linked to the status of the attached event.


C.

Severity incidents rated with the level High have an initial service-level agreement (SLA) response time of 1 hour.


D.

Incidents must be acknowledged before they can be analyzed.


Expert Solution
Questions # 2:

(When there are no matching parsers for a device log, what does FortiAnalyzer do? (Choose one answer)

Options:

A.

Drops the log


B.

Applies the generic SYSLOG parser


C.

Stores the log but doesn’t normalize it


D.

Archives the log for future analysis


Expert Solution
Questions # 3:

Refer to Exhibit:

Question # 3

What does the data point at 21:20 indicate?

Options:

A.

FortiAnalyzer is indexing logs faster than logs are being received.


B.

The fortilogd daemon is ahead in indexing by one log.


C.

The SQL database requires a rebuild because of high receive lag.


D.

FortiAnalyzer is temporarily buffering received logs so older logs can be indexed first.


Expert Solution
Questions # 4:

Which statement about exporting items in Report Definitions is true?

Options:

A.

Templates can be exported.


B.

Template exports contain associated charts and datasets.


C.

Chart exports contain associated datasets.


D.

Datasets can be exported.


Expert Solution
Questions # 5:

You discover that a few reports are taking a long time to generate. Which two steps can you take to troubleshoot? (Choose two.)

Options:

A.

Remove old reports from the hcache


B.

Enable auto-cache and run the reports again


C.

Increase the ADOM reports quota


D.

Review report diagnostics


Expert Solution
Questions # 6:

Which FortiAnalyzer feature allows you to use a proactive approach when managing your network security?

Options:

A.

FortiView Monitor


B.

Outbreak alert services


C.

Incidents dashboard


D.

Threat hunting


Expert Solution
Questions # 7:

Exhibit.

Question # 7

What can you conclude from this output?

Options:

A.

There is no disk quota allocated to quarantining files.


B.

FGT_B is the Security Fabric root.


C.

The allocated disk quota to ADOM1 is 3 GB.


D.

Archive logs are using more space than analytic logs.


Expert Solution
Questions # 8:

(An analyst is using FortiAI on FortiAnalyzer to simplify certain tasks but is worried about exceeding the monthly token limit. Which query will take the fewest FortiAI tokens? (Choose one answer)

Options:

A.

Show logs for 192.168.1.10 (past week)


B.

Show all logs from the past week


C.

Can you show me all the log entries for the endpoint 192.168.1.10?


D.

Show logs for 192.168.1.10


Expert Solution
Questions # 9:

Exhibit.

Question # 9

Based on the partial outputs displayed, which devices can be members of a FortiAnalyzer Fabric?

Options:

A.

FortiAnalyzer1 and FortiAnalyzer3


B.

FortiAnalyzer1 and FortiAnalyzer2


C.

FortiAnalyzer2 and FortiAnalyzer3


D.

All devices listed can be members.


Expert Solution
Questions # 10:

Exhibit.

Question # 10

Which statement about the event displayed is correct?

Options:

A.

The risk source is isolated.


B.

The security risk was blocked or dropped.


C.

The security event risk is considered open.


D.

An incident was created from this event.


Expert Solution
Viewing page 1 out of 3 pages
Viewing questions 1-10 out of questions