Exam NSE5_FAZ-7.0 topic 1 question 35 discussion

Actual exam question from Fortinet's NSE5_FAZ-7.0
Question #: 35
Topic #: 1

Refer to the exhibit.

Laptop1 is used by several administrators to manage FortiAnalyzer. You want to configure a generic text filter that matches all login attempts to the web interface generated by any user other than "admin" and coming from Laptop1.
Which filter will achieve the desired result?

  • A. operation-login & performed_on=="GUI(10.1.1.100)" & user!=admin
  • B. operation-login & srcip==10.1.1.100 & dstip==10.1.1.210 & user==admin
  • C. operation-login & dstip==10.1.1.210 & userl-admin
  • D. operation-login & performed_on=="GUI(10.1.1.210)" & user!=admin
Suggested Answer: A

Comments

lucient
Highly Voted 1 year ago
Selected Answer: A
The right answer is A. There are several things to consider: * All attempts to the web interface generated by any user "OTHER THAN" admin. That is, "admin" is not included. * Coming from Laptop1: the answer must include Laptop1's IP. So, C and D are out, because even if either of them works, it will match any attempt to log in to FAZ, but from any IP, not only Laptop1. So, A and B remain. B can't be right because it says "user==admin". The double "==" means exact match. And we already said that it must match "any user OTHER THAN admin". So, the only answer is A, because it includes Laptop1's IP and it says "user!=admin", where "!=" means "different".
upvoted 9 times
Nappel
9 months, 3 weeks ago
A is correct: see the FortiAnalyzer Study Guide, page 200.
upvoted 1 times
jcarlosBO
Most Recent 4 months, 2 weeks ago
Selected Answer: A
Because of the use of filters, it is A.
upvoted 1 times
OldPlayer
9 months, 1 week ago
Selected Answer: A
As mentioned, Study Guide page 200: "!=" means "Not Equal" and "==" means "exact match", making A the correct answer.
upvoted 1 times
G33
1 year ago
A. "Performed on" means the device where the GUI was opened from; I checked the logs on a FortiAnalyzer.
upvoted 1 times
D10SJoker
1 year, 1 month ago
Selected Answer: D
For me D is ok
upvoted 3 times
soporte127
9 months, 2 weeks ago
Why D?
upvoted 1 times
mmhhll
1 year, 1 month ago
Does "performed_on" reference the source or destination? If destination, answer D would log from more than the laptop. If source, A is the correct answer.
upvoted 1 times
Ronnie89
1 year, 1 month ago
I think it's A
upvoted 2 times
Johnflorus
1 year, 1 month ago
"performed_on" means source.
upvoted 1 times
Ronnie89
1 year, 1 month ago
I've checked the lab guide and perform_on is the source. So it should be A. On there the task was to create a filter for failed logins from any other location but the local computer: "Add the text performed_on!~10.0.1.10. This includes any attempts coming from devices with an IP address that is not the one configured on the Local-Client computer."
upvoted 1 times
wayne0926
1 year, 1 month ago
Selected Answer: D
Correct Ans: D
upvoted 1 times
Community vote distribution
A (35%)
C (25%)
B (20%)
Other