Fortinet FCSS—Advanced Analytics 6.7 Architect - FCSS_ADA_AR-6.7 模擬練習

A. Agent

B. Worker

C. Supervisor

D. Collector

A. You can populate lookup tables through an incident, whereas you cannot populate watchlists through an incident.

B. Lookup table values age out after a period, whereas watchlist values do not have any time condition.

C. You can reference lookup table data in analytic queries and reports almost immediately, whereas you may have to wait up to 5-10 minutes for watchlist entries to be useable in queries and reports.

D. Lookup tables can contain multiple columns, whereas watchlists contain only a single column.

A. The rate of firewall connection is above the current average value.

B. The rate firewall connection is above the historical average value.

C. The rate of firewall connection is optimum.

D. The rate of firewall connection is below historical average value.

A. The daily database

B. The memory

C. The profile report

D. The profile database

A. Through Notification Policy settings

B. Through External Authentication settings

C. Through remediation scripts

D. Through Incident Notification settings

A. phRuleWorker evaluates non-aggregate conditions as defined in subpattern filters of a rule in memory.

B. phRuleWorker uses a 60-second bucket as an evaluation window.

C. phRuleWorker exists on both the supervisor and workers.

D. phRuleWorker exists on the worker only.

A. To upload event data if a worker down

B. To report its own health status

C. To report the health status of the agents

D. To receive templates associated with agents