nse5_faz-70 Exam QuestionsBrowse all questions from this exam
Go to Exam

nse5_faz-70 Exam - Question 26

Refer to the exhibits.

How many events will be added to the incident created after running this playbook?

Show Answer
Correct Answer: BD

The playbook specifies that events should match the criteria of having a severity of Medium, an event type of IPS, and a tag of Intrusion. From the exhibits, there are a total of 10 events that meet all these conditions. Therefore, 10 events will be added to the incident created after running this playbook.

Discussion

11 comments
Sign in to comment
BaraoAzulOption: B
Nov 29, 2022

I count 10 Intrusion + IPS + Medium. That would be B.

D10SJokerOption: B
Dec 6, 2022

B is correct

soporte127
Apr 2, 2023

why b?

MickderOption: A
Jul 26, 2023

I think that A should be correct https://docs.fortinet.com/document/fortianalyzer/7.4.0/administration-guide/337904/understanding-event-statuses Mitigated: The security risk is mitigated by being blocked or dropped. Example: an IPS/AV log with action=block/drop will have the event status Mitigated.

LiliRoseOption: B
Aug 16, 2023

Match all conditions: Intrusion + IPS + Medium: 10

ulya_taliesinOption: B
Nov 24, 2022

I think her is B

wayne0926Option: C
Nov 25, 2022

Correct Ans: C

ulya_taliesinOption: C
Nov 27, 2022

yes C is correct !

M1gu3l
Dec 5, 2022

Why C?

cannoeOption: B
Dec 6, 2022

I think the answer is B (Intrusion + IPS + Medium)

Ronnie89Option: A
Dec 11, 2022

Will the playbook add mitigated events? Or does it need to be just unhandled? Cause it could be A

truserudOption: A
Jan 30, 2023

A is correct, as all events which match the filters are mitigated, and thus no incidents will be created when running the playbook.

PiotrSwiOption: B
Feb 4, 2024

B - Correct.