Fortinet FCP_FSM_AN-7.2 Certification Exam Sample Questions and Answers

Before you write the Fortinet FortiSIEM Analyst (FCP_FSM_AN-7.2) certification exam, you may have doubts about the pattern of the test, the types of questions asked in it, the difficulty level of the questions and the time required to complete them. These Fortinet Certified Professional - Security Operations (FortiSIEM Analyst) sample questions and demo exam help you remove these doubts and prepare you to take the test.

The best approach to pass your Fortinet FCP_FSM_AN-7.2 exam is to challenge and improve your knowledge. To test your learning and identify improvement areas with actual exam format, we suggest you practice with Premium Fortinet FCP_FSM_AN-7.2 Certification Practice Exam. The practice test is one of the most important elements of your Fortinet FCP - FortiSIEM 7.2 Analyst (FortiSIEM Analyst) exam study strategy to discover your strengths and weaknesses, to improve your time management skills and to get an idea of the score you can expect.

Fortinet FCP_FSM_AN-7.2 (FortiSIEM Analyst) Sample Questions:

01. Refer to the exhibit.
What does the Define Condition time field determine for this rule?
a) The time of day the rule will trigger.
b) How often the rule will evaluate the subpattern(s).
c) How often the rule will perform remediation.
d) The time period over which the rule evaluates events.
 
02. What are the five categories of incidents on FortiSIEM?
a) Performance, other, availability, security, and change
b) Devices, users, high risk, other, and low risk
c) Security, change, high risk, low risk, and other
d) Performance, other, devices, high risk, and low risk
 
03. What must you configure to apply ZTNA tags from FortiSIEM to devices in FortiClient EMS?
a) Syslog connection to FortiSIEM from FortiGate firewalls
b) Syslog connection to FortiGate firewalls from FortiSIEM
c) API connection from FortiSIEM to FortiClient EMS
d) API connection from FortiClient EMS to FortiSIEM
 
04. Where can an analyst configure rule notifications and automated remediation on FortiSIEM?
a) Notification policy
b) Response policies
c) Notification engine
d) Automation policy
 
05. Which two elements can you use to define how an automation policy activates?
(Choose two.)
a) Lookup table
b) Rules
c) Watchlist
d) Time range
 
06. From which two sources can you import data to train FortiSIEM machine learning?
(Choose two.)
a) Syslog archives
b) CSV files
c) FortiSIEM reports
d) SQL database
 
07. Refer to the exhibit.
Which section contains settings that determine which attribute associations are used to trigger an incident?
a) Name
b) Aggregate
c) Filters
d) Group By
 
08. What feature defines when an incident is created by FortiSIEM?
a) Rules
b) Cases
c) Analytics
d) CMDB
 
09. When using user and entity behavior analytics (UEBA) on FortiSIEM, what must you use to dynamically supply a list of IP addresses to a FortiGate device for blocking purposes?
a) API Connection
b) SCP
c) Watchlists
d) Lookup tables
 
10. Which two attributes can you not select together in the Group By and Display Fields?
(Choose two.)
a) Source IP
b) Raw Event Log
c) Destination IP
d) Event Reporting Time
e) Reporting IP

Solutions:

Question: 01

Answer: d

Question: 02

Answer: a

Question: 03

Answer: c

Question: 04

Answer: d

Question: 05

Answer: b, d

Question: 06

Answer: b, c

Question: 07

Answer: d

Question: 08

Answer: a

Question: 09

Answer: c

Question: 10

Answer: b, c

Note: If you find any error in these Fortinet FCP - FortiSIEM 7.2 Analyst (FortiSIEM Analyst) sample questions, you can let us know by writing an email to feedback@nwexam.com.
