Fortinet FCP_FSM_AN-7.2 - FCP - FortiSIEM 7.2 Analyst Exam

Question #1 (Topic: Exam A)
Which statement about thresholds is true?
A. FortiSIEM uses fixed, hardcoded global and device thresholds for all performance metrics.
B. FortiSIEM uses only device thresholds for security metrics.
C. FortiSIEM uses global and per device thresholds for performance metrics.
D. FortiSIEM uses only global thresholds for performance metrics.
Answer: C
Question #2 (Topic: Exam A)
Which running mode takes the most time to perform machine learning tasks?
A. Local auto
B. Local
C. Forecasting
D. Regression
Answer: B
Question #3 (Topic: Exam A)
Refer to the exhibit.

The analyst is troubleshooting the analytics query shown in the exhibit.
Why is this search not producing any results?
A. The Time Range is set incorrectly.
B. The inner and outer nested query attribute types do not match.
C. You cannot reference User and Event Type attributes in the same search.
D. The Boolean operator is wrong between the attributes.
Answer: B
Question #4 (Topic: Exam A)
Refer to the exhibit.

If you group the events by Reporting Device, Reporting IP, and Application Category, how many results will FortiSIEM display?
A. Four
B. Five
C. One
D. Six
E. Two
Answer: B
Question #5 (Topic: Exam A)
Which analytics search can be used to apply a user and entity behavior analytics (UEBA) tag to an event for a failed login by the user JSmith?
A. User = smith
B. Username NOT END WITH jsmith
C. User IS jsmith
D. Username CONTAIN smit
Answer: C
Total 32 questions