FCSS_SOC_AN-7.4試験無料問題集（90題）「Fortinet FCSS - Security Operations 7.4 Analyst 認定」

出題：1

What should be a priority when configuring playbook tasks to ensure effective SOC automation?

A. Aligning tasks with the specific stages of incident response

B. Ensuring tasks are scheduled during office hours only

C. Limiting tasks to non-critical alerts

D. Making tasks visible to external stakeholders

正解：A 解答を投票する

出題：2

Which FortiAnalyzer connector can you use to run automation stitches9

A. FortiMail

B. FortiOS

C. Local

D. FortiCASB

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：3

What should be prioritized when analyzing threat hunting information feeds?
(Choose Two)

A. Relevance to current security landscape

B. Accuracy of the information

C. Frequency of advertisement insertion

D. Entertainment value of the content

正解：A,B 解答を投票する

出題：4

While monitoring your network, you discover that one FortiGate device is sending significantly more logs to FortiAnalyzer than all of the other FortiGate devices in the topology.
Additionally, the ADOM that the FortiGate devices are registered to consistently exceeds its quota.
What are two possible solutions? (Choose two.)

A. Configure data selectors to filter the data sent by the first FortiGate device.

B. Create a separate ADOM for the first FortiGate device and configure a different set of storage policies.

C. Reconfigure the first FortiGate device to reduce the number of logs it forwards to FortiAnalyzer.

D. Increase the storage space quota for the first FortiGate device.

正解：B,C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：5

Which trigger type requires manual input to run a playbook?

A. INCIDENT_TRIGGER

B. ON_DEMAND

C. EVENT_TRIGGER

D. ON_SCHEDULE

正解：B 解答を投票する

出題：6

Refer to Exhibit:

A SOC analyst is designing a playbook to filter for a high severity event and attach the event information to an incident.
Which local connector action must the analyst use in this scenario?

A. Attach Data to Incident

B. Update Incident

C. Update Asset and Identity

D. Get Events

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：7

What should be monitored in playbooks to ensure they are functioning as intended?

A. The frequency of playbook activation

B. The number of coffee breaks taken by SOC staff

C. The execution paths and outcomes of the playbooks

D. The physical health of SOC analysts

正解：C 解答を投票する

出題：8

When configuring a FortiAnalyzer to act as a collector device, which two steps must you perform? (Choose two.)

A. Enable log compression.

B. Configure Fabric authorization on the connecting interface.

C. Configure the data policy to focus on archiving.

D. Configure log forwarding to a FortiAnalyzer in analyzer mode.

正解：B,D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：9

Refer to the Exhibit:

An analyst wants to create an incident and generate a report whenever FortiAnalyzer generates a malicious attachment event based on FortiSandbox analysis. The endpoint hosts are protected by FortiClient EMS integrated with FortiSandbox. All devices are logging to FortiAnalyzer.
Which connector must the analyst use in this playbook?

A. FortiClient EMS connector

B. FortiMail connector

C. Local connector

D. FortiSandbox connector

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

FCSS_SOC_AN-7.4試験無料問題集「Fortinet FCSS - Security Operations 7.4 Analyst 認定」