Fortinet FCSS - Security Operations 7.4 Analyst - FCSS_SOC_AN-7.4 Exam Practice Test

A. IPS logs

B. DNS filter logs

C. Web filter logs

D. Application filter logs

E. Email filter logs

A. To increase sales and marketing efforts

B. To ensure seamless business operations

C. To minimize the impact of false positives

D. To quickly contain and mitigate threats

A. Lateral Movement

B. Initial Access

C. Persistence

D. Defense Evasion

A. The number of pages in the playbook

B. The timing and conditions under which the playbook is triggered

C. The color scheme of the playbook interface

D. The geographical location of the SOC

A. A security profile on FortiGate triggers a violation and FortiGate sends a webhook call to FortiAnalyzer.

B. An automation stitch is configured on FortiAnalyzer and mapped to FortiGate using the FortiOS connector.

C. An event handler on FortiAnalyzer is configured to send a notification to FortiGate to trigger an automation stitch.

D. An event handler on FortiAnalyzer executes an automation stitch when an event is created.

A. The APAC SOC team has access to FortiView and other reporting functions.

B. The EMEA SOC team has access to historical logs only.

C. The AMER HQ SOC team cannot run automation playbooks from the Fabric supervisor.

D. The AMER HQ SOC team must configure high availability (HA) for the supervisor node.

A. EVENT_TRIGGER

B. ON_DEMAND

C. ON_SCHEDULE

D. INCIDENT_TRIGGER

A. Spearphishing is being used to elicit sensitive information.

B. Reconnaissance is being used to gather victim identity information from the mail server.

C. FTP is being used as command-and-control (C&C) technique to mine for data.

D. DNS tunneling is being used to extract confidential data from the local network.

A. It diminishes the importance of cybersecurity.

B. It reduces the necessity for manual data processing.

C. It increases the workload on SOC analysts.

D. It focuses on marketing data analysis.