
Fortinet Certified Professional Security Operations NSE7_SOC_AR-7.6 Book

Fortinet NSE 7 - Security Operations 7.6 Architect Questions and Answers

Question 5

Based on the Pyramid of Pain model, which two statements accurately describe the value of an indicator and how difficult it is for an adversary to change? (Choose two answers)

Options:

A. IP addresses are easy because adversaries can spoof them or move them to new resources.

B. Tactics, techniques, and procedures are hard because adversaries must adapt their methods.

C. Artifacts are easy because adversaries can alter file paths or registry keys.

D. Tools are easy because often, multiple alternatives exist.

Question 6

You are trying to create a playbook that creates a manual task showing a list of public IPv6 addresses. You were successful in extracting all IP addresses from a previous action into a variable called ip_list, which contains both private and public IPv4 and IPv6 addresses. You must now filter the results to display only public IPv6 addresses. Which two Jinja expressions can accomplish this task? (Choose two answers)

Options:

A. {{ vars.ip_list | ipv6addr('public') }}

B. {{ vars.ip_list | ipaddr('public') | ipv6 }}

C. {{ vars.ip_list | ipaddr('!private') | ipv6 }}

D. {{ vars.ip_list | ipv6 | ipaddr('public') }}

Question 7

Which three are threat hunting activities? (Choose three answers)

Options:

A. Enrich records with threat intelligence.

B. Automate workflows.

C. Generate a hypothesis.

D. Perform packet analysis.

E. Tune correlation rules.

Question 8

Which two ways can you create an incident on FortiAnalyzer? (Choose two.)

Options:

A. Using a connector action

B. Manually, on the Event Monitor page

C. By running a playbook

D. Using a custom event handler