Fortinet FCSS - Security Operations 7.4 Analyst - FCSS_SOC_AN-7.4 模擬練習

What is a key objective of managing outbreak alert handlers in a SOC?

正解: C
Refer to the exhibits.

What can you conclude from analyzing the data using the threat hunting module?

正解: A
解説: (PassTest メンバーにのみ表示されます)
Which MITRE ATT&CK technique category involves collecting information about the environment and systems?

正解: D
Which three end user logs does FortiAnalyzer use to identify possible IOC compromised hosts? (Choose three.)

正解: A,B,D
解説: (PassTest メンバーにのみ表示されます)
In the context of SOC operations, mapping adversary behaviors to MITRE ATT&CK techniques primarily helps in:

正解: A
Which component of the Fortinet SOC solution is best suited for centralized log management?

正解: D
Which two statements about the FortiAnalyzer Fabric topology are true? (Choose two.)

正解: A,D
解説: (PassTest メンバーにのみ表示されます)
Refer to the exhibits.

You configured a spearphishing event handler and the associated rule. However. FortiAnalyzer did not generate an event.
When you check the FortiAnalyzer log viewer, you confirm that FortiSandbox forwarded the appropriate logs, as shown in the raw log exhibit.
What configuration must you change on FortiAnalyzer in order for FortiAnalyzer to generate an event?

正解: B
解説: (PassTest メンバーにのみ表示されます)
Refer to Exhibit:

A SOC analyst is designing a playbook to filter for a high severity event and attach the event information to an incident.
Which local connector action must the analyst use in this scenario?

正解: A
解説: (PassTest メンバーにのみ表示されます)