Fortinet FCSS_ADA_AR-6.7 Practice Exams
Last updated on Apr 09,2025- Exam Code: FCSS_ADA_AR-6.7
- Exam Name: FCSS—Advanced Analytics 6.7 Architect
- Certification Provider: Fortinet
- Latest update: Apr 09,2025
What is recommended method of adding workers to a FortiSIEM cluster?
- A . Add a worker every 25,000 EPS
- B . Add a worker every 20,000 EPS
- C . Add a worker every 10,000 EPS
- D . Add a worker every 15,000 EPS
Where can you define automated remediation on FortiSIEM?
- A . Integration policy
- B . Notification policy
- C . Authentication policy
- D . Remediation policy
Refer to the exhibit.
If the Z-score for this rule is greater than or equal to three, what does this mean?
- A . The rate of firewall connection is optimum.
- B . The rate of firewall connection is above the historical average value.
- C . The rate of firewall connection is above the current average value.
- D . The rate of firewall connection is below historical average value.
What is the disadvantage of automatic remediation?
- A . It can make a disruptive change to a user, block access to an application, or disconnect critical systems from the network.
- B . It is equivalent to running an IPS in monitor-only mode ― watches but does not block.
- C . External threats or attacks detected by FortiSIEM will need user interaction to take action on an already overworked SOC team.
- D . Threat behaviors occurring during the night could take hours to respond to.
From where does the rule engine load the baseline data values?
- A . The profile report
- B . The daily database
- C . The profile database
- D . The memory
FortiSIEM’s UEBA capabilities primarily focus on:
- A . Ensuring all users have similar access privileges?
- B . Monitoring and analyzing behavior patterns to identify potential risks?
- C . Providing encryption algorithms for data transfers?
- D . Streamlining the software update process?
Refer to the exhibit.
The profile database contains CPU utilization values from day one. At midnight on the second day, the CPU utilization values from the daily database will be merged with the profile database.
In the profile database, in the Hour of Day column where 9 is the value, what will be the updated minimum, maximum, and average CPU utilization values?
- A . Min CPU Util=32.31, Max CPU Util=33.50 and AVG CPU Util=33.50
- B . Min CPU Util=32.31, Max CPU Util=33.50 and AVG CPU Util=32.67
- C . Min CPU Util=32.31, Max CPU Util=32.31 and AVG CPU Util=32.31
- D . Min CPU Util=33.50, Max CPU Util=33.50 and AVG CPU Util=33.50
Manually remediating incidents in FortiSIEM is beneficial when:
- A . There is no internet connection?
- B . An incident is unique or complex and requires human judgment?
- C . The FortiSIEM software is due for an update?
- D . Incidents occur outside business hours?
Refer to the exhibit.
Based on the information provided in the exhibit, calculate the unused events for the next three minutes for a 520 EPS license.
- A . 72460
- B . 73460
- C . 74460
- D . 71460
How often do collectors upload data to the Supervisor? (Choose two.)
- A . Every 20 MB for low EPS environment
- B . Every 5 seconds for low EPS environment
- C . Every 10 MB for high EPS environment
- D . Every 10 seconds for high EPS environment