Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Fortinet Exam FCP_FAZ_AD-7.4 Topic 3 Question 9 Discussion

Actual exam question for Fortinet's FCP_FAZ_AD-7.4 exam
Question #: 9
Topic #: 3
[All FCP_FAZ_AD-7.4 Questions]

Refer to the exhibit.

Laptop1 is used by several administrators to manage FortiAnalyzer. You want to configure a generic text filter that matches all login attempts to the web interface generated by any user other than "admin", and coming from Laptop1.

Which filter will achieve the desired result?

Show Suggested Answer Hide Answer
Suggested Answer: B

by Alex at Jan 12, 2025, 05:47 PM

Limited Time Offer

25%

Off

Get Premium FCP_FAZ_AD-7.4 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Makeda
2 months ago
I think I'll go with C. Gotta love those fancy-sounding performed_on filters, am I right?
upvoted 0 times
...
Shenika
2 months ago
Haha, why are they even testing us on this? Isn't 'admin' like the first thing we learn to avoid in security?
upvoted 0 times
...
Noelia
2 months ago
Hmm, I'm not sure. Wouldn't B be better since it checks for the admin user specifically? Just to be extra safe, you know?
upvoted 0 times
Leota
2 months ago
B) operation-login & srcip==10.1.1.100 & dstip==10.1.1.210 & user==admin
upvoted 0 times
...
Shenika
2 months ago
A) operation-login & dstip==10.1.1.210 & user!-admin
upvoted 0 times
...
...
Paulina
3 months ago
I see your point, Bok. However, I think D) operation-login & performed_on=='GUI(10.1.1.100)' & user!=admin could also be a valid option as it specifies the condition for login attempts from any user other than 'admin' coming from Laptop1.
upvoted 0 times
...
Bok
3 months ago
I disagree, I believe the correct answer is C) operation-login & performed_on=='GUI(10.1.1.210)' & user!=admin. This filter specifically targets login attempts to the web interface generated by any user other than 'admin' and coming from Laptop1.
upvoted 0 times
...
Mariko
3 months ago
I think the answer is A) operation-login & dstip==10.1.1.210 & user!-admin because it specifies the condition for login attempts from any user other than 'admin' coming from Laptop1.
upvoted 0 times
...
Lilli
3 months ago
I'd go with D. The filter looks for the correct source IP and excludes the 'admin' user. Seems like the most straightforward approach.
upvoted 0 times
Lon
2 months ago
True, D is more specific to the scenario described in the question.
upvoted 0 times
...
Paris
2 months ago
Option A could work too, but D specifically targets the source IP of Laptop1.
upvoted 0 times
...
Christiane
2 months ago
But what about option A? It also excludes the 'admin' user and matches the source IP.
upvoted 0 times
...
Marti
2 months ago
I agree, D seems like the most logical choice.
upvoted 0 times
...
...
Maira
3 months ago
Option C looks good to me. It checks for the login operation, the specific GUI IP, and filters out the 'admin' user.
upvoted 0 times
Vi
2 months ago
User1: That's exactly what we need for the configuration.
upvoted 0 times
...
Theron
2 months ago
User2: I agree, it filters out the 'admin' user from the login attempts.
upvoted 0 times
...
Gilberto
3 months ago
User1: I think option C is the correct one.
upvoted 0 times
...
...

Save Cancel