ExamGecko
Search Search Login
Home Home / Fortinet / FCP_FAZ_AN-7.4

Fortinet FCP_FAZ_AN-7.4 Practice Test - Questions Answers, Page 6

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

You created a playbook on FortiAnalyzer that uses a FortiOS connector. When configuring the FortiGate side, which type of trigger must be used so that the actions in an automation stich are available in the FortiOS connector?
Which statement about sending notifications with incident updates is true?
Which statement correctly describes one Difference between templates and reports?
What is the purpose of playbook trigger variables?
Which statement about the FortiSIEM management extension is correct?
Which log will generate an event with the status Contained?
Which SQL query is in the correct order to query to database in the FortiAnalyzer?
Which statement about the FortiSOAR management extension is correct?
Which statement about sending notifications with incident update is true?
Which statement describes archive logs on FortiAnalyzer?

Question 51

Report
Export
Collapse

You are trying to configure a task in the playbook editor to run a report.

However, when you try to select the desired playbook, you do to see it listed.

What is the reason?

A.

The report does not have auto-cache and extended log filtering enabled.

A.

The report does not have auto-cache and extended log filtering enabled.

Answers
B.

The playbook is currently running and will be available after it is finished.

B.

The playbook is currently running and will be available after it is finished.

Answers
C.

You must create a trigger to run the report first.

C.

You must create a trigger to run the report first.

Answers
D.

The report has no result and must be reconfigured.

D.

The report has no result and must be reconfigured.

Answers
Suggested answer: A

Question 52

Report
Export
Collapse

What happens when the indicator of compromise (IOC) engine on FortiAnalyzer finds web logs that match blacklisted IP addresses?

A.

FortiAnalyzer flags the associated host for further analysis.

A.

FortiAnalyzer flags the associated host for further analysis.

Answers
B.

A new infected entry is added for the corresponding endpoint under Compromised Hosts.

B.

A new infected entry is added for the corresponding endpoint under Compromised Hosts.

Answers
C.

The detection engine classifies those logs as Suspicious.

C.

The detection engine classifies those logs as Suspicious.

Answers
D.

The endpoint is marked as Compromised and, optionally, can be put in quarantine.

D.

The endpoint is marked as Compromised and, optionally, can be put in quarantine.

Answers
Suggested answer: B

Question 53

Report
Export
Collapse

What is the purpose of playbook trigger variables?

A.

To display statistics about the playbook runtime

A.

To display statistics about the playbook runtime

Answers
B.

To use information from the trigger to filter the action in a task

B.

To use information from the trigger to filter the action in a task

Answers
C.

To provide the trigger information to make the playbook start running

C.

To provide the trigger information to make the playbook start running

Answers
D.

To store the start the times of playbooks with On_Schedule triggers

D.

To store the start the times of playbooks with On_Schedule triggers

Answers
Suggested answer: A

Question 54

Report
Export
Collapse

Which statement correctly describes one Difference between templates and reports?

A.

Reports provide mora configuration options than templates

A.

Reports provide mora configuration options than templates

Answers
B.

Templates can be cloned, but reports cannot be cloned.

B.

Templates can be cloned, but reports cannot be cloned.

Answers
C.

Reports support macros, but templates do not.

C.

Reports support macros, but templates do not.

Answers
D.

Template are mapped to device groups. while reports are mapped to ADOMs

D.

Template are mapped to device groups. while reports are mapped to ADOMs

Answers
Suggested answer: A

Question 55

Report
Export
Collapse

Which statement about sending notifications with incident updates is true?

A.

Each connector used can have different notification settings

A.

Each connector used can have different notification settings

Answers
B.

Each incident can send notification to a single external platform.

B.

Each incident can send notification to a single external platform.

Answers
C.

You must configure an output profile to send notifications by email.

C.

You must configure an output profile to send notifications by email.

Answers
D.

Notifications can be sent only when an incident is created oi deleted.

D.

Notifications can be sent only when an incident is created oi deleted.

Answers
Suggested answer: A

Question 56

Report
Export
Collapse

Exhibit.

What is the purpose of using the Chart Builder feature On FortiAnalyzer?

A.

To build a chart automatically based on the top 100 log entries

A.

To build a chart automatically based on the top 100 log entries

Answers
B.

To add charts directly to generate reports in the current ADOM.

B.

To add charts directly to generate reports in the current ADOM.

Answers
C.

To add a new chart under FortiView to be used in new reports

C.

To add a new chart under FortiView to be used in new reports

Answers
D.

To build a dataset and chart based on the filtered search results

D.

To build a dataset and chart based on the filtered search results

Answers
Suggested answer: A
Total 56 questions
Go to page: of 6
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms