- fortinet-fcss-soc-an-7.4-exam-questions-33

Security_Operations_7.4_Analyst_Exam_Description.pdf

Question :33


Refer to the exhibit.


You notice that the custom event handler you configured to detect SMTP reconnaissance activities is creating a large number of events. This is overwhelming your notification system.

A. Increase the trigger count so that it identifies and reduces the count triggered by a particular group.
B. Disable the custom event handler because it is not working as expected.
C. Decrease the time range that the custom event handler covers during the attack.
D. Increase the log field value so that it looks for more unique field values when it creates the event.























Ans:A


