
FCSS_SOC_AN-7.4 FCSS - Security Operations 7.4 Analyst Questions and Answers

Questions 4

Refer to the exhibits.

FCSS_SOC_AN-7.4 Question 4

The DOS attack playbook is configured to create an incident when an event handler generates a denial-of-service (DoS) attack event.

Why did the DOS attack playbook fail to execute?

Options:

A.

The Create SMTP Enumeration incident task is expecting an integer value but is receiving the incorrect data type.

B.

The Get Events task is configured to execute in the incorrect order.

C.

The Attach_Data_To_Incident task failed.

D.

The Attach_Data_To_Incident task is expecting an integer value but is receiving the incorrect data type.

Questions 5

Which FortiAnalyzer connector can you use to run automation stitches?

Options:

A.

FortiCASB

B.

FortiMail

C.

Local

D.

FortiOS

Questions 6

When configuring a FortiAnalyzer to act as a collector device, which two steps must you perform? (Choose two.)

Options:

A.

Enable log compression.

B.

Configure log forwarding to a FortiAnalyzer in analyzer mode.

C.

Configure the data policy to focus on archiving.

D.

Configure Fabric authorization on the connecting interface.

Questions 7

Which three end user logs does FortiAnalyzer use to identify possible IOC compromised hosts? (Choose three.)

Options:

A.

Email filter logs

B.

DNS filter logs

C.

Application filter logs

D.

IPS logs

E.

Web filter logs

Questions 8

Which two types of variables can you use in playbook tasks? (Choose two.)

Options:

A.

Input

B.

Output

C.

Create

D.

Trigger

Questions 9

Refer to the exhibit.

FCSS_SOC_AN-7.4 Question 9

You notice that the custom event handler you configured to detect SMTP reconnaissance activities is creating a large number of events. This is overwhelming your notification system.

How can you fix this?

Options:

A.

Increase the trigger count so that it identifies and reduces the count triggered by a particular group.

B.

Disable the custom event handler because it is not working as expected.

C.

Decrease the time range that the custom event handler covers during the attack.

D.

Increase the log field value so that it looks for more unique field values when it creates the event.

Exam Code: FCSS_SOC_AN-7.4
Exam Name: FCSS - Security Operations 7.4 Analyst
Last Update: Oct 11, 2024
Questions: 32
