FCSS_ADA_AR-6.7 Exam Questions
69 real FCSS_ADA_AR-6.7 exam questions with expert-verified answers and explanations. Page 2 of 2.
- Question #51
Which three processes are collector processes? (Choose three.)
- Question #52
Refer to the exhibit. Consider a custom lookup table MalwareIPList. An analyst constructed an analytic query to reference the MalwareIPList lookup table. What is the outcome of the...
- Question #53
Which three statements about phRuleMaster are true? (Choose three.)
- Question #54
Refer to the exhibit. The service provider deployed FortiSIEM without a collector and added three customers on the supervisor. What mistake did the administrator make?
- Question #55
Where are the SQLite databases that are used for baselining stored?
- Question #56
Refer to the exhibit. If the Z-score for this rule is greater than or equal to three, what does this mean?
- Question #57
Refer to the exhibit. An administrator wants to remediate the incident from FortiSIEM shown in the exhibit. What option is available to the administrator?
- Question #58
Refer to the exhibit. Is the Windows agent delivering event logs correctly?
- Question #59
Refer to the exhibit. An administrator runs an analytic search for all FortiGate SSL VPN logon failures. The results are grouped by source IP, reporting IP, and user. The administr...
- Question #60
Which function of Linux is used by FortiSIEM for collecting logs?
- Question #61
Which two things should you take into consideration before scaling collectors at a customer site? (Choose two.)
- Question #62
What is the recommended method of adding workers to a FortiSIEM cluster?
- Question #63
A service provider purchased a licensed EPS of 520 and the total unused events is 72,000. Calculate the total amount of allowed events for the next 3-minute interval.
- Question #64
How often do collectors upload data to the Supervisor? (Choose two.)
- Question #65
What are the two SQLite databases that are used for baseline data? (Choose two.)
- Question #66
What is the estimated time that it would take for the collector to reach the maximum buffer size for a 2000 EPS license?
- Question #67
What are two reasons that agents maintain communication with the supervisor after registration? (Choose two.)
- Question #68
Where can you define automated remediation on FortiSIEM?
- Question #69
During which time period is the license enforcement performed on the number of events received?