Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Fortinet Exam FCSS_SOC_AN-7.4 Topic 1 Question 2 Discussion

Actual exam question for Fortinet's FCSS_SOC_AN-7.4 exam
Question #: 2
Topic #: 1
[All FCSS_SOC_AN-7.4 Questions]

Which two ways can you create an incident on FortiAnalyzer? (Choose two.)

Show Suggested Answer Hide Answer
Suggested Answer: B, D

Understanding Incident Creation in FortiAnalyzer:

FortiAnalyzer allows for the creation of incidents to track and manage security events.

Incidents can be created both automatically and manually based on detected events and predefined rules.

Analyzing the Methods:

Option A: Using a connector action typically involves integrating with other systems or services and is not a direct method for creating incidents on FortiAnalyzer.

Option B: Incidents can be created manually on the Event Monitor page by selecting relevant events and creating incidents from those events.

Option C: While playbooks can automate responses and actions, the direct creation of incidents is usually managed through event handlers or manual processes.

Option D: Custom event handlers can be configured to trigger incident creation based on specific events or conditions, automating the process within FortiAnalyzer.

Conclusion:

The two valid methods for creating an incident on FortiAnalyzer are manually on the Event Monitor page and using a custom event handler.


Fortinet Documentation on Incident Management in FortiAnalyzer.

FortiAnalyzer Event Handling and Customization Guides.

Contribute your Thoughts:

Beckie
1 days ago
I'm not sure about the answer, but I think C and D are also possible ways to create an incident.
upvoted 0 times
...
Dudley
2 days ago
I'm pretty sure C is the way to go. With a playbook, you can automate the whole incident creation process. No need to get your hands dirty!
upvoted 0 times
...
Emiko
3 days ago
A and B, of course! Manually creating incidents is the way to go. Who needs fancy connectors or playbooks?
upvoted 0 times
...
Evangelina
4 days ago
I agree with Alona, creating an incident on FortiAnalyzer can be done using a connector action and manually on the Event Monitor page.
upvoted 0 times
...
Alona
7 days ago
I think the answer is A and B.
upvoted 0 times
...

Save Cancel