FCP - FortiSIEM 7.2 Analyst - FCP_FSM_AN-7.2 Exam Practice Test

Question 1

Refer to the exhibit.

The exhibit shows the configuration for a machine learning dataset using anomaly detection.
If the report generating the data being analyzed is run every hour, how long must the FortiSIEM device be up before a valid training set can be produced?

A. 24 hours

B. 3 hours

C. 30 hours

D. 10 hours

Correct Answer: D

Explanation: Only visible for Actualtests4sure members. You can sign-up / login (it's free).

Question 2

Refer to the exhibit.

A FortiSIEM analyst is investigating an issue by examining events related to two destination IP addresses. However, the analyst is not getting any results from the search.
Based on the selected filters shown in the exhibit, why is the search returning no results?

A. The wrong option is selected in the Operator column.

B. Parentheses are missing between the two items.

C. The wrong boolean operator is selected in the Next column.

D. An invalid IP address is typed in the Value column.

Correct Answer: C

Explanation: Only visible for Actualtests4sure members. You can sign-up / login (it's free).

Question 3

What are two required components of a rule? (Choose two.)

A. Detection Technology

B. Subpattern

C. Clear policy

D. Exception policy

Correct Answer: A,B

Explanation: Only visible for Actualtests4sure members. You can sign-up / login (it's free).

Question 4

In FortiSIEM, which database stores discovery information?

A. Event DB

B. SVN DB

C. CMDB

D. Profile DB

Correct Answer: C

Explanation: Only visible for Actualtests4sure members. You can sign-up / login (it's free).

Question 5

Refer to the exhibit.

What happens when an analyst clears an incident generated by a rule containing the automation policy shown in the exhibit?

A. No notification is sent.

B. A notification is sent to the SOC manager dashboard.

C. An email is sent to the SOC manager.

D. The remediation script is run.

Correct Answer: A

Explanation: Only visible for Actualtests4sure members. You can sign-up / login (it's free).

Question 6

Refer to the exhibit. What will this analytics search display?

A. Failed login events from all servers in the Server Inventory CMDB report

B. Failed machine login events sourced from servers in the CMDB

C. Failed login events from all users in the Logon Failure user group

D. Failed login events from all servers in the CMDB

Correct Answer: A

Explanation: Only visible for Actualtests4sure members. You can sign-up / login (it's free).

Question 7

Which two settings must you configure to allow FortiSIEM to apply tags to devices in FortiClient EMS? (Choose two.)

A. FortiEMS API credentials defined on FortiSIEM

B. ZTNA tags defined on FortiSIEM

C. FortiSIEM API credentials defined on FortiEMS\

D. Remediation script configured

Correct Answer: A,C

Explanation: Only visible for Actualtests4sure members. You can sign-up / login (it's free).

Fortinet FCP - FortiSIEM 7.2 Analyst - FCP_FSM_AN-7.2 Exam Practice Test

Latest Update

Useful Links

Contact Us