Free Fortinet FCSS_SOC_AN-7.4 Practice Test & Real Exam Questions
Which statement best describes the MITRE ATT&CK framework?
Correct Answer: B
Which of the following are critical when analyzing and managing events and incidents in a SOC?
(Choose Two)
Correct Answer: C,D
Which FortiAnalyzer feature uses the SIEM database for advanced log analytics and monitoring?
Correct Answer: C
Which of the following best describes a benefit of a well-configured FortiAnalyzer Fabric deployment?
Correct Answer: A
What is a key consideration when designing a scalable FortiAnalyzer deployment?
Correct Answer: B
While monitoring your network, you discover that one FortiGate device is sending significantly more logs to FortiAnalyzer than all of the other FortiGate devices in the topology.
Additionally, the ADOM that the FortiGate devices are registered to consistently exceeds its quota.
What are two possible solutions? (Choose two.)
Correct Answer: B,C
Which two playbook triggers enable the use of trigger events in later tasks as trigger variables? (Choose two.)
Correct Answer: A,B
Review the following incident report:
Attackers leveraged a phishing email campaign targeting your employees.
The email likely impersonated a trusted source, such as the IT department, and requested login credentials.
An unsuspecting employee clicked a malicious link in the email, leading to the download and execution of a Remote Access Trojan (RAT).
The RAT provided the attackers with remote access and a foothold in the compromised system.
Which two MITRE ATT&CK tactics does this incident report capture? (Choose two.)
Correct Answer: A,B
What should be prioritized when analyzing threat hunting information feeds?
(Choose Two)
Correct Answer: A,B
