Fortinet FCP_FAZ_AN-7.6 - Fortinet NSE 5 - FortiAnalyzer 7.6 Analyst Exam

Question #1 (Topic: Exam A)
Which statement about automation connectors on FortiAnalyzer is true?
A. An ADOM with the Fabric type comes with multiple connectors configured.
B. The local connector comes online once you have a playbook task referencing it.
C. The actions available with FortiOS connectors are determined by automation rules configured on FortiGate.
D. The playbook module must be enabled before external connectors are displayed.
Answer: A
Question #2 (Topic: Exam A)
Which three modules does FortiAnalyzer automatically download content from with a valid SOC Automation service license? (Choose three.)
A. Report templates
B. Dashboards
C. Event handlers
D. Active Connectors
E. Playbooks
F. Incident templates
Answer: CEF
Question #3 (Topic: Exam A)
Refer to the exhibit.

Which two observations can you make after reviewing this log entry? (Choose two.)
A. This is a formatted view of the log.
B. This is a normalized log.
C. This log is in a raw log format.
D. This is the original log that FortiAnalyzer received from FortiGate.
Answer: CD
Question #4 (Topic: Exam A)
Refer to the exhibit.

What is the purpose of using the Chart Builder feature on FortiAnalyzer?
A. To build a chart automatically based on the top 100 log entries
B. To add charts to generate reports directly in the current ADOM
C. To add a new chart under FortiView to be used in new reports
D. To build a dataset and chart based on the filtered search results
Answer: D
Question #5 (Topic: Exam A)
Refer to the exhibit.

The playbook shown in the exhibit requires fine-tuning. A task needs to be configured to run a report on the updated asset list that the FortiAnalyzer receives from the FortiClient EMS.
Which SOC role is responsible for making this change?
A. Threat hunter
B. SOC engineer
C. Security analyst
D. Incident responder
Answer: B
Total 34 questions