Fortinet NSE7_ADA-6.3 - NSE 7 - Advanced Analytics 6.3 Exam

Page:    1 / 7   
Total 33 questions

How can you invoke an integration policy on FortiSIEM rules?

  • A. Through Notification Policy settings
  • B. Through Incident Notification settings
  • C. Through remediation scripts
  • D. Through External Authentication settings


Answer : A

How do customers connect to a shared multi-tenant instance on FortiSOAR?

  • A. The MSSP must provide secure network connectivity between the FortiSOAR manager node and the customer devices.
  • B. The MSSP must install a Secure Message Exchange node to connect to the customer's shared multi-tenant instance.
  • C. The customer must install a tenant node to connect to the MSSP shared multi-tenant instance.
  • D. The MSSP must install an agent node on the customer's network to connect to the customer's shared multi-tenant instance.


Answer : A

In the event of a WAN link failure between the collector and the supervisor, by default, what is the maximum number of event files stored on the collector?

  • A. 30,000
  • B. 10,000
  • C. 40,000
  • D. 20,000


Answer : B

What is the disadvantage of automatic remediation?

  • A. It can make a disruptive change to a user, block access to an application, or disconnect critical systems from the network.
  • B. It is equivalent to running an IPS in monitor-only mode — watches but does not block.
  • C. External threats or attacks detected by FortiSIEM will need user interaction to take action on an already overworked SOC team.
  • D. Threat behaviors occurring during the night could take hours to respond to.


Answer : A

What are the modes of Data Ingestion on FortiSOAR? (Choose three.)

  • A. Rule based
  • B. Notification based
  • C. App Push
  • D. Policy based
  • E. Schedule based


Answer : BCE

Page:    1 / 7   
Total 33 questions