Page: 1
/ 8
Total 38 questions
Refer to the exhibit.
A FortiSIEM administrator wants to group some attributes for a report, but is not able to do so successfully.
As shown in the exhibit, why are some of the fields highlighted in red?
- A. The Event Receive Time attribute is not available for logs.
- B. The attribute COUNT (Matched event) is an invalid expression.
- C. Unique attributes cannot be grouped.
- D. No RAW Event Log attribute is available for devices.
Answer : C
In the rules engine, which condition instructs FortiSIEM to summarize and count the matching evaluated data?
- A. Time Window
- B. Aggregation
- C. Group By
- D. Filters
Answer : C
Refer to the exhibit.
How was the FortiGate device discovered by FortiSIEM?
- A. Through GUI log discovery
- B. Through syslog discovery
- C. Using the pull events method
- D. Through auto log discovery
Answer : A
Refer to the exhibit.
If events are grouped by Reporting IP, Event Type, and user attributes in FortiSIEM, how many results will be displayed?
- A. Seven results will be displayed.
- B. Three results will be displayed.
- C. Unique attribute cannot be grouped.
- D. Five results will be displayed.
Answer : D
31 days access 