Fortinet FCSS_SOC_AN-7.4 Practice Test - Questions Answers, Page 3
List of questions
Question 21
Which two types of variables can you use in playbook tasks? (Choose two.)
Question 22
Refer to the exhibits.
The FortiMail Sender Blocklist playbook is configured to take manual input and add those entries to the FortiMail abc.com domain-level block list. The playbook is configured to use a FortiMail connector and the ADD_SENDER_TO_BLOCKLIST action.
Why is the FortiMail Sender Blocklist playbook execution failing?
Question 23
Which two ways can you create an incident on FortiAnalyzer? (Choose two.)
Question 24
Which statement best describes the MITRE ATT&CK framework?
Question 25
Exhibit:
Which observation about this FortiAnalyzer Fabric deployment architecture is true?
Question 26
Which FortiAnalyzer feature uses the SIEM database for advanced log analytics and monitoring?
Question 27
Refer to the exhibits.
You configured a custom event handler and an associated rule to generate events whenever FortiMail detects spam emails. However, you notice that the event handler is generating events for both spam emails and clean emails.
Which change must you make in the rule so that it detects only spam emails?
Question 28
When does FortiAnalyzer generate an event?
Question 29
A customer wants FortiAnalyzer to run an automation stitch that executes a CLI command on FortiGate to block a predefined list of URLs, if a botnet command-and-control (C&C) server IP is detected.
Which FortiAnalyzer feature must you use to start this automation process?
Question 30
Refer to the exhibit.
Which two options describe how the Update Asset and Identity Database playbook is configured? (Choose two.)