FCP_FSM_AN-7.2 Exam Dumps - Fortinet Certified Professional Security Operations Questions and Answers

Question # 4

Refer to the exhibit.

What happens when an analyst clears an incident generated by a rule containing the automation policy shown in the exhibit?

Options:

A. No notification is sent.

B. An email is sent to the SOC manager.

C. The remediation script is run.

D. A notification is sent to the SOC manager dashboard.

Question # 5

Refer to the exhibit.

If a rule containing the automation policy shown in the exhibit triggers, what will happen?

Options:

A. Associated source IP addresses will be blocked on devices in the Aviation organization.

B. Associated source IP addresses will be blocked on all FortiGate firewalls.

C. Associated source IP addresses will be blocked on devices in the Network CMDB group.

D. Associated source IP addresses will be blocked on two FortiGate firewalls.

Question # 6

Refer to the exhibit.

As shown in the exhibit, why are some of the fields highlighted in red?

Options:

A. Unique values cannot be grouped

B. The attribute COUNT(Matched Events) is an invalid expression.

C. No RAW Event Log attribute information is available.

D. The Event Receive Time attribute is not available for logs.

Question # 7

Refer to the exhibit.

Which two lookup types can you reference as the subquery in a nested analytics query? (Choose two.)

Options:

A. LDAP Query

B. CMDB Query

C. SNMP Query

D. Event Query

Question # 8

Refer to the exhibit.

How was this incident cleared?

Options:

A. The analyst manually cleared the incident from the incident table.

B. FortiSIEM cleared the incident automatically after 24 hours.

C. The incident was cleared automatically by the rule.

D. The endpoint was rebooted and sent an all-clear signal to FortiSIEM.

Question # 9

When configuring anomaly detection machine learning, in which step must you select the fields to analyze?

Options:

A. Design

B. Schedule

C. Prepare Data

D. Train

Question # 10

Which running mode takes the most time to perform machine learning tasks?

Options:

A. Local auto

B. Local

C. Forecasting

D. Regression

Question # 11

Refer to the exhibit.

The analyst is troubleshooting the analytics query shown in the exhibit.

Why is this search not producing any results?

Options:

A. The Time Range is set incorrectly.

B. The inner and outer nested query attribute types do not match.

C. You cannot reference User and Event Type attributes in the same search.

D. The Boolean operator is wrong between the attributes.

Question # 12

Which analytics search can be used to apply a user and entity behavior analytics (UEBA) tag to an event for a failed login by the user JSmith?

Options:

A. User = smith

B. Username NOT END WITH jsmith

C. User IS jsmith

D. Username CONTAIN smit

Exam Code: FCP_FSM_AN-7.2
Exam Name: FCP - FortiSIEM 7.2 Analyst
Last Update: Aug 31, 2025
Questions: 32