ExamGecko
Login
Home / Fortinet / FCSS_ADA_AR-6.7 / List of questions
Ask Question

Fortinet FCSS_ADA_AR-6.7 Practice Test - Questions Answers, Page 2

Add to Whishlist

List of questions

Question 11

Report Export Collapse

Refer to the exhibit.

Fortinet FCSS_ADA_AR-6.7 image Question 11 63883969961988820133915

Which devices will be added to the CMDB and mapped to Customer E?

Become a Premium Member for full access
  Unlock Premium Member

Question 12

Report Export Collapse

Refer to the exhibit.

Fortinet FCSS_ADA_AR-6.7 image Question 12 63883969962004444869795

An administrator applies the rule exception shown in the exhibit.

How does this configuration impact the incident generation for that rule?

Become a Premium Member for full access
  Unlock Premium Member

Question 13

Report Export Collapse

Which two statements about phRuleWorker are true? (Choose two.)

Become a Premium Member for full access
  Unlock Premium Member

Question 14

Report Export Collapse

Refer to the exhibit.

Fortinet FCSS_ADA_AR-6.7 image Question 14 63883969962020069453433

Which three fields from the organization destination are required while registering a collector? (Choose three.)

Become a Premium Member for full access
  Unlock Premium Member

Question 15

Report Export Collapse

FortiSIEM provides all rules with the ability to automatically change an active incident status to auto-cleared, based on an extra set of defined criteria.

Why would you configure FortiSIEM to automatically change an active incident status to auto-cleared?

Become a Premium Member for full access
  Unlock Premium Member

Question 16

Report Export Collapse

For what type of data values does the rule engine query the profile database?

Become a Premium Member for full access
  Unlock Premium Member

Question 17

Report Export Collapse

Which organization do agents belong to after registration? (Choose two.)

Become a Premium Member for full access
  Unlock Premium Member

Question 18

Report Export Collapse

What is the hourly bucket used in baselining?

Become a Premium Member for full access
  Unlock Premium Member

Question 19

Report Export Collapse

What are two functions of numpoints in a rule and profile database? (Choose two.)

Become a Premium Member for full access
  Unlock Premium Member

Question 20

Report Export Collapse

Refer to the exhibit.

Fortinet FCSS_ADA_AR-6.7 image Question 20 6388396996206694328833

Consider the five account locked events received by FortiSIEM from domain controllers within the last 10 minutes (ten minutes is the evaluation window for the subpattern DomainAcctLockout):

Fortinet FCSS_ADA_AR-6.7 image Question 20 6388396996206694328833

If you look for one or more matching events and groupings by the same reporting IP address, reporting device, and user, how many incidents are created?

Become a Premium Member for full access
  Unlock Premium Member
Total 59 questions
Go to page: of 6
Open VPLUS File
Convert VPLUS to PDF

Related questions

Refer to the exhibit. An administrator runs an analytic search for all FortiGate SSL VPN logon failures. The results are grouped by source IP, reporting IP, and user. The administrator wants to restrict the results to only those rows where the COUNT >=3. Which user would meet that condition?
Refer to the exhibit. Is the Windows agent delivering event logs correctly?
Refer to the exhibit. An administrator wants to remediate the incident from FortiSIEM shown in the exhibit. What option is available to the administrator?
Refer to the exhibit. If the Z-score for this rule is greater than or equal to three, what does this mean?
Where are the SQLite databases that are used for the baselining, stored?
Refer to the exhibit. The service provider deployed FortiSIEM without a collector and added three customers on the supervisor. What mistake did the administrator make?
Which three statements about phRuleMaster are true? (Choose three.)
Refer to the exhibit. Consider a custom lookup table MalwareIPList. An analyst constructed an analytic query to reference the MalwareIPList lookup table. What is the outcome of the analytic query?
Which three processes are collector processes? (Choose three.)
Refer to the exhibit. Consider a nested event query where both inner and outer queries are event queries. Reporting IP is selected from the CMDB group Network Device, Event Type is selected from the CMDB group Logon Success, and Source IP is selected from the report Failed Logons to Network Devices. An administrator is about to execute the nested query. The report time ranges must be set before execution. The Nested Time Range will be applied to which attributes?