
Fortinet Certified Professional Security Operations FCP_FAZ_AN-7.6 Exam Dumps

Fortinet NSE 5 - FortiAnalyzer 7.6 Analyst Questions and Answers

Question 13

Which two parameters does FortiAnalyzer use to identify an indicator of compromise (IOC)? (Choose two answers)

Options:

A. IP address

B. URL

C. Policy ID

D. Application category

Question 14

Which statement about SQL SELECT queries is true?

Options:

A. They can be used to purge log entries from the database.

B. They must be followed immediately by a WHERE clause.

C. They can be used to display the database schema.

D. They are not used in macros.

Question 15

You are trying to configure a task in the playbook editor to run a report.

However, when you try to select the desired playbook, you do not see it listed.

What is the reason?

Options:

A. The report does not have auto-cache and extended log filtering enabled.

B. The playbook is currently running and will be available after it is finished.

C. You must create a trigger to run the report first.

D. The report has no result and must be reconfigured.

Question 16

Which two statements regarding FortiAnalyzer operating modes are true? (Choose two.)

Options:

A. When running in collector mode, FortiAnalyzer can forward logs to a syslog server.

B. FortiAnalyzer runs in collector mode by default unless it is configured for HA.

C. You can create and edit reports when FortiAnalyzer is running in collector mode.

D. A topology with FortiAnalyzer devices running in both modes can improve their performance.