Summer Certification Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: force70

Pass the Fortinet Fortinet Certified Professional Security Operations FCP_FAZ_AN-7.6 Questions and answers with CertsForce

Viewing page 2 out of 3 pages
Viewing questions 11-20 out of questions
Questions # 11:

Exhibit.

Question # 11

What can you conclude about these search results? (Choose two.)

Options:

A.

They can be downloaded to a file.


B.

They are sortable by columns and customizable.


C.

They are not available for analysis in FortiView.


D.

They were searched by using text mode.


Expert Solution
Questions # 12:

Which three tasks can be performed on FortiAnalyzer using FortiAI? (Choose three.)

Options:

A.

Configure site-to-site VPN using FortiAI.


B.

Perform Incident investigation and response.


C.

Identify potential impacts and recommend remediation.


D.

Configure SD-WAN overlay using FortiAI.


E.

Perform threat hunting.


Expert Solution
Questions # 13:

Which two statements about exporting and importing playbooks are true? (Choose two.)

Options:

A.

A playbook that was disabled when it was exported will be disabled when it is imported.


B.

Playbooks can be imported to a different FortiAnalyzer device, but only if the connectors already exist


C.

You can import a playbook even if there is another one with the same name in the destination


D.

You can export only one playbook at a time.


Expert Solution
Questions # 14:

Which two statements about local logs on FortiAnalyzer are true? (Choose two.)

Options:

A.

Local logs are not displayed in FortiView.


B.

Event logs are available in the root ADOM.


C.

Playbook logs for all ADOMs are in the root ADOM.


D.

Application control logs are ADOM-specific


Expert Solution
Questions # 15:

Exhibit.

Question # 15

What can you conclude about the output?

Options:

A.

The message rate being lower that the log rate is normal.


B.

Both messages and logs are almost finished indexing.


C.

There are more traffic logs than event logs.


D.

The output is ADOM-specific


Expert Solution
Questions # 16:

Which statement about the FortiSOAR management extension is correct?

Options:

A.

It requires a FortiManager configured to manage FortiGate.


B.

It runs as a docker container on FortiAnalyzer.


C.

It requires a dedicated FortiSOAR device or VM.


D.

It does not include a limited trial by default.


Expert Solution
Questions # 17:

Refer to the exhibits.

Question # 17

The event shown in the exhibit has been escalated to an incident.

Which SOC role is responsible for handling the escalated incident?

Options:

A.

Threat hunter


B.

Security analyst


C.

SOC engineer


D.

Incident responder


Expert Solution
Questions # 18:

You created a playbook on FortiAnalyzer that uses a FortiOS connector.

When configuring the FortiGate side, which type of trigger must be used so that the actions in an automation stitch are available in the FortiOS connector?

Options:

A.

FortiAnalyzer Event Handler


B.

Fabric Connector event


C.

FortiOS Event Log


D.

Incoming webhook


Expert Solution
Questions # 19:

Refer to the exhibit.

Question # 19

What can you conclude from this output? (Choose one answer)

Options:

A.

ADOM1 has 300 MB of disk space remaining.


B.

The allocated disk quota to ADOM1 is 3 GB.


C.

Archive logs are using more space than analytic logs.


D.

There is no disk quota allocated to quarantining files.


Expert Solution
Questions # 20:

A playbook contains five tasks in total. An administrator runs the playbook and four out of five tasks finish successfully, but one task fails.

What will be the status of the playbook after it is run?

Options:

A.

Attention required


B.

Upstream_failed


C.

Failed


D.

Success


Expert Solution
Viewing page 2 out of 3 pages
Viewing questions 11-20 out of questions