Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

Fortinet Exam NSE5_FAZ-7.2 Topic 1 Question 13 Discussion

Actual exam question for Fortinet's NSE5_FAZ-7.2 exam
Question #: 13
Topic #: 1
[All NSE5_FAZ-7.2 Questions]

Refer to the exhibit.

Laptopt is used by several administrators to manage FortiAnalyzer. You want to configure a generic text filter that matches all login attempts to the web interface generated by any user other than "admin" and coming from Laptop1:

Which filter will achieve the desired result?

Show Suggested Answer Hide Answer
Suggested Answer: A

On there the task was to create a filter for failed logins from any other location but the local computer: 'Add the text performed_on!~10.0.1.10. This includes any attempts coming from devices with an IP address that is not the one configured on the Local-Client computer.'


by Elke at Feb 07, 2024, 07:04 PM

Limited Time Offer

25%

Off

Get Premium NSE5_FAZ-7.2 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Fatima
2 days ago
I think the answer is A.
upvoted 0 times
...
Ruthann
24 days ago
I was leaning towards option A, but now I'm not so sure. Let me re-read the question and the options again.
upvoted 0 times
...
Von
25 days ago
Hmm, I think the answer is option D. The 'performed_on' field specifies the source IP address, which in this case is Laptop1 (10.1.1.100), and the 'user!=admin' condition ensures we exclude the 'admin' user.
upvoted 0 times
...
Ines
26 days ago
Exactly. That's my understanding too. The key here is to use the right combination of filter fields to achieve the desired result.
upvoted 0 times
...
Annamaria
27 days ago
This question seems pretty straightforward, but I want to make sure I understand the requirements correctly. We need to configure a filter that matches all login attempts to the web interface, excluding the 'admin' user, and coming from Laptop1 with the IP address 10.1.1.100, right?
upvoted 0 times
Vesta
7 days ago
This filter does not match the requirement because it specifies a different IP address for the GUI.
upvoted 0 times
...
Levi
8 days ago
D) operation-login & performed_on=="GUI(10.1.1.210)' & user!=admin
upvoted 0 times
...
Dahlia
9 days ago
No, this filter is not correct. It includes the 'admin' user and has a different source IP address.
upvoted 0 times
...
Selma
10 days ago
B) operation-login & srcip==10.1.1.100 & dstip==10.1.1.210 & user==admin
upvoted 0 times
...
Laine
11 days ago
That's correct. This filter will match all login attempts to the web interface from Laptop1 excluding the 'admin' user.
upvoted 0 times
...
Effie
12 days ago
A) operation-login & performed_on=="GUI(10.1.1.100)" & user!=admin
upvoted 0 times
...
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77