
PDF NSE7_SOC_AR-7.6 Study Guide

Fortinet NSE 7 - Security Operations 7.6 Architect Questions and Answers

Question 9

Refer to the exhibit.

Which two options describe how the Update Asset and Identity Database playbook is configured? (Choose two.)

Options:

A.

The playbook is using a local connector.

B.

The playbook is using a FortiMail connector.

C.

The playbook is using an on-demand trigger.

D.

The playbook is using a FortiClient EMS connector.

Question 10

Which FortiAnalyzer feature uses the SIEM database for advanced log analytics and monitoring?

Options:

A.

Threat hunting

B.

Asset Identity Center

C.

Event monitor

D.

Outbreak alerts

Question 11

Refer to the exhibits.

The Malicious File Detect playbook is configured to create an incident when an event handler generates a malicious file detection event.

Why did the Malicious File Detect playbook execution fail?

Options:

A.

The Create Incident task was expecting a name or number as input, but received an incorrect data format.

B.

The Get Events task did not retrieve any event data.

C.

The Attach_Data_To_Incident incident task was expecting an integer, but received an incorrect data format.

D.

The Attach Data To Incident task failed, which stopped the playbook execution.

Question 12

Refer to the exhibit.

You must configure the FortiGate connector to allow FortiSOAR to perform actions on a firewall. However, the connection fails. Which two configurations are required? (Choose two answers)

Options:

A.

Trusted hosts must be enabled and the FortiSOAR IP address must be permitted.

B.

The VDOM name must be specified, or set to VDOM_1, if VDOMs are not enabled on FortiGate.

C.

HTTPS must be enabled on the FortiGate interface that FortiSOAR will communicate with.

D.

An API administrator must be created on FortiGate with the appropriate profile, along with a generated API key to configure on the connector.