ExamGecko
Login
Home / Fortinet / FCSS_ADA_AR-6.7 / List of questions
Ask Question

Fortinet FCSS_ADA_AR-6.7 Practice Test - Questions Answers, Page 6

Add to Whishlist

List of questions

Question 51

Report Export Collapse

Which three processes are collector processes? (Choose three.)

Become a Premium Member for full access
  Unlock Premium Member

Question 52

Report Export Collapse

Refer to the exhibit.

Fortinet FCSS_ADA_AR-6.7 image Question 52 6388396996264505285016

Consider a custom lookup table MalwareIPList. An analyst constructed an analytic query to reference the MalwareIPList lookup table.

What is the outcome of the analytic query?

Become a Premium Member for full access
  Unlock Premium Member

Question 53

Report Export Collapse

Which three statements about phRuleMaster are true? (Choose three.)

Become a Premium Member for full access
  Unlock Premium Member

Question 54

Report Export Collapse

Refer to the exhibit.

Fortinet FCSS_ADA_AR-6.7 image Question 54 63883969962691926660414

The service provider deployed FortiSIEM without a collector and added three customers on the supervisor.

What mistake did the administrator make?

Become a Premium Member for full access
  Unlock Premium Member

Question 55

Report Export Collapse

Where are the SQLite databases that are used for the baselining, stored?

Become a Premium Member for full access
  Unlock Premium Member

Question 56

Report Export Collapse

Refer to the exhibit.

Fortinet FCSS_ADA_AR-6.7 image Question 56 63883969962707551296294

If the Z-score for this rule is greater than or equal to three, what does this mean?

Become a Premium Member for full access
  Unlock Premium Member

Question 57

Report Export Collapse

Refer to the exhibit.

Fortinet FCSS_ADA_AR-6.7 image Question 57 63883969962785674271212

An administrator wants to remediate the incident from FortiSIEM shown in the exhibit.

What option is available to the administrator?

Become a Premium Member for full access
  Unlock Premium Member

Question 58

Report Export Collapse

Refer to the exhibit.

Fortinet FCSS_ADA_AR-6.7 image Question 58 63883969962832547926611

Is the Windows agent delivering event logs correctly?

Become a Premium Member for full access
  Unlock Premium Member

Question 59

Report Export Collapse

Refer to the exhibit.

Fortinet FCSS_ADA_AR-6.7 image Question 59 6388396996291067101529

An administrator runs an analytic search for all FortiGate SSL VPN logon failures. The results are grouped by source IP, reporting IP, and user. The administrator wants to restrict the results to only those rows where the COUNT >=3.

Which user would meet that condition?

Become a Premium Member for full access
  Unlock Premium Member
Total 59 questions
Go to page: of 6
Open VPLUS File
Convert VPLUS to PDF

Related questions

Refer to the exhibit. An administrator runs an analytic search for all FortiGate SSL VPN logon failures. The results are grouped by source IP, reporting IP, and user. The administrator wants to restrict the results to only those rows where the COUNT >=3. Which user would meet that condition?
Refer to the exhibit. Is the Windows agent delivering event logs correctly?
Refer to the exhibit. An administrator wants to remediate the incident from FortiSIEM shown in the exhibit. What option is available to the administrator?
Refer to the exhibit. If the Z-score for this rule is greater than or equal to three, what does this mean?
Where are the SQLite databases that are used for the baselining, stored?
Refer to the exhibit. The service provider deployed FortiSIEM without a collector and added three customers on the supervisor. What mistake did the administrator make?
Which three statements about phRuleMaster are true? (Choose three.)
Refer to the exhibit. Consider a custom lookup table MalwareIPList. An analyst constructed an analytic query to reference the MalwareIPList lookup table. What is the outcome of the analytic query?
Which three processes are collector processes? (Choose three.)
Refer to the exhibit. Consider a nested event query where both inner and outer queries are event queries. Reporting IP is selected from the CMDB group Network Device, Event Type is selected from the CMDB group Logon Success, and Source IP is selected from the report Failed Logons to Network Devices. An administrator is about to execute the nested query. The report time ranges must be set before execution. The Nested Time Range will be applied to which attributes?