An administrator on your team has configured multiple reports to run periodically. Management has an additional request that all new generated reports be sent to a company email inbox for accessibility. The mail server has already been configured on FortiAnalyzer.
Which item must configure on FortiAnalyzer so that emails are sent when the reports are generated?
After generating a report, you notice the information you were expecting to see is not included in it. However, you confirm that the logs are there.
What is the purpose of playbook trigger variables?
Exhibit.


Assume these are all the events that exist on the FortiAnalyzer device.
How many events will be added to the incident created after running this playbook?
Refer to the exhibit with partial output:

Your colleague exported a playbook and has sent it to you for review. You open the file in a text editor and observer the output as shown in the exhibit.
Which statement about the export is true?
As part of your analysis, you discover that an incident is a false positive.
You change the incident status to Closed: False Positive.
Which statement about your update is true?
Refer to the exhibit.

What can you conclude from this output? (Choose one answer)
As part of your analysis, you discover that a Medium severity level incident is fully remediated.
You change the incident status to Closed:Remediated.
Which statement about your update is true?
(Which two parameters does FortiAnalyzer use to identify an indicator of compromise (IOC)? (Choose two answers)
Refer to the exhibit.

What conclusion can you draw from the exhibit?
|
PDF + Testing Engine
|
|---|
|
$49.5 |
|
Testing Engine
|
|---|
|
$37.5 |
|
PDF (Q&A)
|
|---|
|
$31.5 |
Fortinet Free Exams |
|---|
|