Fortinet NSE7_ADA-6.3 - NSE 7 - Advanced Analytics 6.3 Exam
Page: 2 / 7
Total 33 questions
Question #6 (Topic: Exam A)
How can you empower SOC by deploying FortiSOAR? (Choose three.)
A. Aggregate logs from distributed systems
B. Collaborative knowledge sharing
C. Baseline user and traffic behavior
D. Reduce human error
E. Address analyst skills gap
Answer: ACE
Question #7 (Topic: Exam A)
Which of the following are two Tactics in the MITRE ATT&CK framework? (Choose two.)
A. Rootkit
B. Reconnaissance
C. Discovery
D. BITS Jobs
E. Phishing
Answer: BC
Question #8 (Topic: Exam A)
Refer to the exhibit. Click on the calculator button.
Based on the information provided in the exhibit, calculate the unused events for the next three minutes for a 520 EPS license.
Based on the information provided in the exhibit, calculate the unused events for the next three minutes for a 520 EPS license.
A. 72460
B. 73460
C. 74460
D. 71460
Answer: D
Question #9 (Topic: Exam A)
Refer to the exhibit.
An administrator wants to remediate the incident from FortiSIEM shown in the exhibit.
What option is available to the administrator?
An administrator wants to remediate the incident from FortiSIEM shown in the exhibit.
What option is available to the administrator?
A. Quarantine IP FortiClient
B. Run the block MAC FortiOS.
C. Run the block IP FortiOS 5.4
D. Run the block domain Windows DNS
Answer: C
Question #10 (Topic: Exam A)
Refer to the exhibit.
The window for this rule is 30 minutes.
What is this rule tracking?
The window for this rule is 30 minutes.
What is this rule tracking?
A. A sudden 50% increase in WMI response times over a 30-minute time window
B. A sudden 1.50 times increase in WMI response times over a 30-minute time window
C. A sudden 75% increase in WMI response times over a 30-minute time window
D. A sudden 150% increase in WMI response times over a 30-minute time window
Answer: B
