Which two ways can you create an incident on FortiAnalyzer? (Choose two.)

• A.Using a connector action
• B.Manually, on the Event Monitor page
• C.By running a playbook
• D.Using a custom event handler

Comment: *

Name: *

Email: *

Verification: *

What is the advantage of integrating advanced analytics in the management of events and incidents in a SOC?

• A.It reduces the necessity for manual data processing.
• B.It increases the workload on SOC analysts.
• C.It focuses on marketing data analysis.
• D.It diminishes the importance of cybersecurity.

Comment: *

Name: *

Email: *

Verification: *

Refer to the exhibits.

You configured a custom event handler and an associated rule to generate events whenever FortiMail detects spam emails. However, you notice that the event handler is generating events for both spam emails and clean emails.
Which change must you make in the rule so that it detects only spam emails?

• A.In the Log Type field, select Anti-Spam Log (spam)
• B.In the Log filter by Text field, type type==spam.
• C.Disable the rule to use the filter in the data selector to create the event.
• D.In the Trigger an event when field, select Within a group, the log field Spam Name (snane) has 2 or more unique values.

Comment: *

Name: *

Email: *

Verification: *

A customer wants FortiAnalyzer to run an automation stitch that executes a CLI command on FortiGate to block a predefined list of URLs, if a botnet command-and-control (C&C) server IP is detected.
Which FortiAnalyzer feature must you use to start this automation process?

• A.Playbook
• B.Data selector
• C.Event handler
• D.Connector

Comment: *

Name: *

Email: *

Verification: *

In managing events and incidents, which factors should a SOC analyst focus on to improve response times?
(Choose Three)

• A.Accuracy of event correlation
• B.Clarity of communication channels
• C.Time spent in meetings
• D.Efficiency of data entry processes
• E.Speed of alert generation

Comment: *

Name: *

Email: *

Verification: *