Fortinet Exam FCP_FSM_AN-7.2 Topic 4 Question 4 Discussion

Actual exam question for Fortinet's FCP_FSM_AN-7.2 exam
Question #: 4
Topic #: 4

Refer to the exhibit.

An analyst is troubleshooting the rule shown in the exhibit. It is not generating any incidents, but the filter parameters are generating events on the Analytics tab.

What is wrong with the rule conditions?

Suggested Answer: C

The Group By attributes - Destination IP and User - cause the aggregation (COUNT(Source IP) >= 2) to apply within each unique combination of those groupings. This restricts the count calculation and can prevent the rule from triggering incidents, even if matching events exist in the Analytics tab.
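The grouping effect described above, modeled in Python as an added example (not part of the original page and not Fortinet's code). The field names, sample events and the `evaluate`/`explain` helpers are constructed for illustration, and the per-bucket counting is a simplified assumption about how a Group By rule aggregates, not FortiSIEM's rule engine.

```python
from collections import defaultdict

# Constructed sample events that all pass the rule's filter (not taken from the exhibit).
EVENTS = [
    {"src_ip": "10.0.0.5", "dst_ip": "192.0.2.10", "user": "alice"},
    {"src_ip": "10.0.0.6", "dst_ip": "192.0.2.11", "user": "alice"},
    {"src_ip": "10.0.0.7", "dst_ip": "192.0.2.10", "user": "bob"},
    {"src_ip": "10.0.0.8", "dst_ip": "192.0.2.12", "user": "carol"},
]


def evaluate(events, group_by, aggregate_attr="src_ip", threshold=2):
    """Return {group_key: count} for buckets where COUNT(aggregate_attr) >= threshold.

    Simplified model (assumption): events are bucketed by the Group By
    attributes and counted inside each bucket; events that lack the
    aggregate attribute are not counted.
    """
    counts = defaultdict(int)
    for ev in events:
        if ev.get(aggregate_attr) is None:
            continue
        key = tuple(ev.get(attr) for attr in group_by)
        counts[key] += 1
    return {key: n for key, n in counts.items() if n >= threshold}


def explain(events, group_by, **kwargs):
    """Summarise matching events, distinct buckets and buckets that would raise an incident."""
    fired = evaluate(events, group_by, **kwargs)
    buckets = {tuple(ev.get(attr) for attr in group_by) for ev in events}
    return {
        "matching_events": len(events),
        "buckets": len(buckets),
        "incidents": len(fired),
    }


if __name__ == "__main__":
    # Same four events, three grouping choices.
    print(explain(EVENTS, ["dst_ip", "user"]))  # every bucket holds one event
    print(explain(EVENTS, ["user"]))            # alice's two events share a bucket
    print(explain(EVENTS, []))                  # no grouping: one bucket of four
```

All four events show up in a filter-only search, yet grouping by Destination IP and User leaves one event per bucket, so the threshold of 2 is never reached.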


Contribute your Thoughts:

Silvana
5 days ago
I remember something about the Event Type needing to match the data source, but I'm not sure if it's specifically about CMDB lookups.
upvoted 0 times
...
Anglea
11 days ago
I feel pretty confident the answer is B. The Destination Host Name value not being fully qualified is a common issue that can cause rules to not work as expected. I'd focus on fixing that first.
upvoted 0 times
...
Alonzo
16 days ago
Okay, let me think this through. The Group By attributes and Aggregate attribute could be too restrictive, limiting the events that are counted. I'd double-check those settings to see if that's the problem.
upvoted 0 times
...
Margurite
21 days ago
Hmm, I'm not sure. The event type referring to a CMDB lookup seems like it could be the issue, but the question doesn't give us much context on that. I might need to review the rule in more detail to figure this out.
upvoted 0 times
...
Rodolfo
26 days ago
I'm a bit confused on this one. The question mentions the filter parameters are generating events, so I'm not sure if the issue is with the rule conditions themselves. Maybe it's something else going on?
upvoted 0 times
...
Eladia
1 month ago
I think the answer is B. The Destination Host Name value is not fully qualified, so the rule is not matching the events correctly.
upvoted 0 times
...