FCP_FSM_AN-7.2 Online Practice Questions

Latest FCP_FSM_AN-7.2 Exam Practice Questions

The practice questions for the FCP_FSM_AN-7.2 exam were last updated on 2025-11-01.

Question#1

Refer to the exhibit.



If a rule containing the automation policy shown in the exhibit triggers, what will happen?

A. Associated source IP addresses will be blocked on devices in the Aviation organization.
B. Associated source IP addresses will be blocked on all FortiGate firewalls.
C. Associated source IP addresses will be blocked on devices in the Network CMDB group.
D. Associated source IP addresses will be blocked on two FortiGate firewalls.

Explanation:
The automation policy is configured to run a remediation script named "Fortinet FortiOS - Block Source IP FortiOS via API". It specifies enforcement on two FortiGate devices: FortiGate508 and FortiGate90D. Therefore, associated source IP addresses will be blocked on those two FortiGate firewalls only.

Question#2

Refer to the exhibit.



Which value would you expect the FortiSIEM parser to use to populate the Application Name field?

A. applist
B. Network.Service
C. SSL
D. wan1

Explanation:
The Application Name field in FortiSIEM is typically populated using the value of the app field in the raw log. In this event, app="SSL", so "SSL" is the expected application name parsed by FortiSIEM.

Question#3

Refer to the exhibit.



What will happen when a device being analyzed by the machine learning configuration shown in the exhibit has a consistently high memory utilization?

A. FortiSIEM will update the regression tables for memory utilization, and average sent and received bytes.
B. FortiSIEM will trigger an incident for high memory utilization.
C. FortiSIEM will lower the CPU utilization trigger requirement for CPU utilization.
D. FortiSIEM will update the model with a higher memory utilization average value.

Explanation:
In the configuration shown, FortiSIEM uses Memory Util, Sent Bytes, and Received Bytes as input features to predict CPU Utilization via a regression model. If a device shows consistently high memory utilization, the model will incorporate that into its training data and update itself with a higher average value for memory utilization, influencing future CPU utilization predictions.

Question#4

Refer to the exhibit.



What is the Group: FortiSIEM Analysts value referring to?

A. FortiSIEM organization group
B. LDAP user group
C. CMDB user group
D. Windows Active Directory user group

Explanation:
In FortiSIEM, the value Group: FortiSIEM Analysts under the User attribute refers to a CMDB user group. These groups are defined within FortiSIEM's CMDB and used to logically organize users for analytics, correlation rules, and reporting.

Question#5

Refer to the exhibit.



Which two lookup types can you reference as the subquery in a nested analytics query? (Choose two.)

A. LDAP Query
B. CMDB Query
C. SNMP Query
D. Event Query

Explanation:
In FortiSIEM nested analytics queries, you can reference both CMDB Queries and Event Queries as subqueries. These allow correlation between CMDB data and event data for advanced detection use cases.

Exam Code: FCP_FSM_AN-7.2
Q & A: 32 Q&As
Updated: 2025-11-01
