Amazon
Avaya
Cisco
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL
Juniper
Microsoft
NVIDIA
Okta
Palo Alto Networks
Salesforce
All Vendors
  1. Home
  2. Fortinet
  3. NSE6_FSR-7.3

Fortinet NSE6_FSR-7.3 Exam (page: 2)
Fortinet NSE 6 - FortiSOAR 7.3 Administrator
Updated on: 12-Feb-2026

Viewing Page 2 of 9
NSE6_FSR-7.3 PDF 39 Questions

For which two modules on FortiSOAR can you create SLA templates7 (Choose two.)

  1. Alerts
  2. Indicators
  3. Incidents
  4. Tasks

Answer(s): A,B

Explanation:

In FortiSOAR, SLA (Service Level Agreement) templates can be created for specific modules, including Alerts and Indicators. These templates are essential for tracking response and resolution times, ensuring compliance with defined service levels. By configuring SLAs on the Alerts and Indicators modules, organizations can monitor the time taken to address these items, which is critical in maintaining efficient incident response and management practices. The SLA templates can be customized according to specific business requirements and are applied to records within these modules to enforce timely actions.



Refer to the exhibit.



Which two statements about the recommendation engine are true? (Choose two.)

  1. There are no playbooks that can be run on the recommended alerts using the recommendation panel
  2. The dataset is trained to predict the Severity and Type fields.
  3. The recommendation engine is set to automatically accept suggestions.
  4. The alert severity is High, but the recommendation is for it to be set to Medium

Answer(s): B,D

Explanation:

The Recommendation Engine in FortiSOAR is designed to assist in alert triage by suggesting values for certain fields based on historical data and machine learning models. In this case, the engine is trained to predict both the Severity and Type fields, suggesting values that align with past incidents and threat intelligence. Although the current alert severity is High, the recommendation engine has suggested adjusting it to Medium based on the pattern of similar past alerts, indicating a less critical threat level than initially perceived. This functionality helps analysts by providing data-driven insights, which can optimize alert handling and resource allocation.



Refer to the exhibit.



When importing modules to FortiSOAR using the configuration wizard, what actions are applied to fields it you select Merge with Existing as the Bulk action?

  1. Existing fields are kept, new fields are added, and non-imported fields are deleted.
  2. Existing Holds are overwritten, now fields are added, and non-imported fields are deleted.
  3. Existing fields are kept, new fields are added, and non-imported fields are kept.
  4. Existing fields are overwritten, new fields are added, and non-Imported fields are kept.

Answer(s): D

Explanation:

When importing modules into FortiSOAR using the configuration wizard and selecting "Merge with Existing" as the bulk action, the behavior for field handling is as follows: any fields that already exist in the system are overwritten with the imported values. New fields from the imported module are added to the system, while fields that are not part of the imported module remain unaffected and are retained in the system. This option ensures that existing data structures are updated with new information without losing existing, but non-imported, fields.



Which service on FortiSOAR is the playbook scheduler?

  1. cyops-torccat
  2. colcrybeatd
  3. celeryd
  4. uwsgi

Answer(s): B

Explanation:

In FortiSOAR, the service responsible for the playbook scheduling functionality is colcrybeatd. This service manages the timing and execution of scheduled playbooks, allowing for the automation of various tasks at specified intervals. It ensures that playbooks execute according to their configured schedules, which can include tasks such as data ingestion, threat detection, or incident response actions. Proper functioning of this service is essential for the reliable automation of time-dependent processes within FortiSOAR.



A security analyst has reported unauthorized access to System Configuration. You must review the user's current level of access, and then restrict their access according to your organization's requirements. As part of your auditing process, which two actions should you perform? (Choose two.)

  1. Remove the create, read, update, and delete (CRUD) permissions or roles that the user does not require.
  2. View the user's effective role permissions, and then investigate which role is providing that access.
  3. Remove all record ownership that is assigned to the user.
  4. Review the user's learn hierarchy to ensure that the appropriate relationships are configured.

Answer(s): B,D

Explanation:

To audit and restrict a user's access within FortiSOAR, particularly in response to unauthorized access reports, it's necessary to review the user's effective role permissions. This involves checking which roles grant the user access to the System Configuration module and adjusting as needed. Additionally, reviewing the user's team hierarchy ensures that the user's access aligns with the organization's policies. Misconfigurations in team relationships can sometimes inadvertently provide elevated access; hence, confirming that the team setup is correct is a critical part of the auditing process.



Viewing Page 2 of 9



Share your comments for Fortinet NSE6_FSR-7.3 exam with other users:

Kaleemullah 12/31/2023 1:35:00 AM

great support to appear for exams
Anonymous


Bsmaind 8/20/2023 9:26:00 AM

useful dumps
Anonymous


Blessious Phiri 8/13/2023 8:37:00 AM

making progress
Anonymous


Nabla 9/17/2023 10:20:00 AM

q31 answer should be d i think
FRANCE


vladputin 7/20/2023 5:00:00 AM

is this real?
UNITED STATES


Nick W 9/29/2023 7:32:00 AM

q10: c and f are also true. q11: this is outdated. you no longer need ownership on a pipe to operate it
Anonymous


Naveed 8/28/2023 2:48:00 AM

good questions with simple explanation
UNITED STATES


cert 9/24/2023 4:53:00 PM

admin guide (windows) respond to malicious causality chains. when the cortex xdr agent identifies a remote network connection that attempts to perform malicious activity—such as encrypting endpoint files—the agent can automatically block the ip address to close all existing communication and block new connections from this ip address to the endpoint. when cortex xdrblocks an ip address per endpoint, that address remains blocked throughout all agent profiles and policies, including any host-firewall policy rules. you can view the list of all blocked ip addresses per endpoint from the action center, as well as unblock them to re-enable communication as appropriate. this module is supported with cortex xdr agent 7.3.0 and later. select the action mode to take when the cortex xdr agent detects remote malicious causality chains: enabled (default)—terminate connection and block ip address of the remote connection. disabled—do not block remote ip addresses. to allow specific and known s
Anonymous


Yves 8/29/2023 8:46:00 PM

very inciting
Anonymous


Miguel 10/16/2023 11:18:00 AM

question 5, it seems a instead of d, because: - care plan = case - patient = person account - product = product2;
SPAIN


Byset 9/25/2023 12:49:00 AM

it look like real one
Anonymous


Debabrata Das 8/28/2023 8:42:00 AM

i am taking oracle fcc certification test next two days, pls share question dumps
Anonymous


nITA KALE 8/22/2023 1:57:00 AM

i need dumps
Anonymous


CV 9/9/2023 1:54:00 PM

its time to comptia sec+
GREECE


SkepticReader 8/1/2023 8:51:00 AM

question 35 has an answer for a different question. i believe the answer is "a" because it shut off the firewall. "0" in registry data means that its false (aka off).
UNITED STATES


Nabin 10/16/2023 4:58:00 AM

helpful content
MALAYSIA


Blessious Phiri 8/15/2023 3:19:00 PM

oracle 19c is complex db
Anonymous


Sreenivas 10/24/2023 12:59:00 AM

helpful for practice
Anonymous


Liz 9/11/2022 11:27:00 PM

support team is fast and deeply knowledgeable. i appreciate that a lot.
UNITED STATES


Namrata 7/15/2023 2:22:00 AM

helpful questions
Anonymous


lipsa 11/8/2023 12:54:00 PM

thanks for question
Anonymous


Eli 6/18/2023 11:27:00 PM

the software is provided for free so this is a big change. all other sites are charging for that. also that fucking examtopic site that says free is not free at all. you are hit with a pay-wall.
EUROPEAN UNION


open2exam 10/29/2023 1:14:00 PM

i need exam questions nca 6.5 any help please ?
Anonymous


Gerald 9/11/2023 12:22:00 PM

just took the comptia cybersecurity analyst (cysa+) - wished id seeing this before my exam
UNITED STATES


ryo 9/10/2023 2:27:00 PM

very helpful
MEXICO


Jamshed 6/20/2023 4:32:00 AM

i need this exam
PAKISTAN


Roberto Capra 6/14/2023 12:04:00 PM

nice questions... are these questions the same of the exam?
Anonymous


Synt 5/23/2023 9:33:00 PM

need to view
UNITED STATES


Vey 5/27/2023 12:06:00 AM

highly appreciate for your sharing.
CAMBODIA


Tshepang 8/18/2023 4:41:00 AM

kindly share this dump. thank you
Anonymous


Jay 9/26/2023 8:00:00 AM

link plz for download
UNITED STATES


Leo 10/30/2023 1:11:00 PM

data quality oecd
Anonymous


Blessious Phiri 8/13/2023 9:35:00 AM

rman is one good recovery technology
Anonymous


DiligentSam 9/30/2023 10:26:00 AM

need it thx
Anonymous