Fortinet FCP_FAZ_AN-7.4 Exam Questions

Question 6 of 54

Refer to the exhibits.
Exam FCP_FAZ_AN-7.4: Question 6 - Image 1

Assume these are all the events that exist on the FortiAnalyzer device.
How many events will be added to the incident created after running this playbook?

No events will be added.

Eleven events will be added.

Four events will be added.

Seven events will be added.

Correct Answer: C

Question 7 of 54

Which SQL query is in the correct order to query the database in the FortiAnalyzer?

SELECT devid FROM $log WHERE 'user'='USER1' GROUP BY devid

SELECT devid WHERE 'user'='USER1' FROM $log GROUP BY devid

SELECT devid FROM $log GROUP BY devid WHERE 'user'='USER1'

SELECT FROM $log WHERE devid 'user'='USER1' GROUP BY devid

Correct Answer: A

Question 8 of 54

What is the purpose of playbook trigger variables?

To display statistics about the playbook runtime

To provide the trigger information to make the playbook start running

To use information from the trigger to filter the action in a task

To store the start times of playbooks with On_Schedule triggers

Correct Answer: C

Question 9 of 54

Refer to the exhibit.
Exam FCP_FAZ_AN-7.4: Question 9 - Image 1

What can you conclude about these search results? (Choose two.)

They were searched by using text mode.

They can be downloaded to a file.

They are sortable by columns and customizable.

They are not available for analysis in FortiView.

Correct Answer: A, B

Question 10 of 54

What is the purpose of running the command diagnose sql status sqlplugind?

To list the current SQL processes running

To view the current hcache size

To identify the database log insertion status

To display the SQL query connections and hcache status

Correct Answer: D