- fortinet-fcss-soc-an-7.4-exam-questions-58


Question: 58
Refer to the exhibit.

You notice that the custom event handler you configured to detect SMTP reconnaissance activities is creating a large number of events. This is overwhelming your notification system.
How can you fix this?



A. Decrease the time range that the custom event handler covers during the attack.
B. Disable the custom event handler because it is not working as expected.
C. Increase the trigger count so that it identifies and reduces the count triggered by a particular group.
D. Increase the log field value so that it looks for more unique field values when it creates the event.


Ans: C
