Fortinet FCP_FAZ_AN-7.4 - FCP - FortiAnalyzer 7.4 Analyst Exam

Question #6 (Topic: Exam A)
Refer to the exhibits.

Assume these are all the events that exist on the FortiAnalyzer device.
How many events will be added to the incident created after running this playbook?
A. No events will be added.
B. Eleven events will be added.
C. Four events will be added.
D. Seven events will be added.
Answer: C

Question #7 (Topic: Exam A)
Which SQL query is in the correct order to query the database in the FortiAnalyzer?
A. SELECT devid FROM $log WHERE 'user'='USER1' GROUP BY devid
B. SELECT devid WHERE 'user'='USER1' FROM $log GROUP BY devid
C. SELECT devid FROM $log GROUP BY devid WHERE 'user'='USER1'
D. SELECT FROM $log WHERE devid 'user'='USER1' GROUP BY devid
Answer: A

Question #8 (Topic: Exam A)
What is the purpose of playbook trigger variables?
A. To display statistics about the playbook runtime
B. To provide the trigger information to make the playbook start running
C. To use information from the trigger to filter the action in a task
D. To store the start times of playbooks with On_Schedule triggers
Answer: C

Question #9 (Topic: Exam A)
Refer to the exhibit.

What can you conclude about these search results? (Choose two.)
A. They were searched by using text mode.
B. They can be downloaded to a file.
C. They are sortable by columns and customizable.
D. They are not available for analysis in FortiView.
Answer: AB

Question #10 (Topic: Exam A)
What is the purpose of running the command diagnose sql status sqlplugind?
A. To list the current SQL processes running
B. To view the current hcache size
C. To identify the database log insertion status
D. To display the SQL query connections and hcache status
Answer: D

Total 34 questions