FCSS – SOC Analyst 7.4 — Question 4

Which two ways can you create an incident on FortiAnalyzer? (Choose two.)

Answer options

• A. Using a custom event handler
• B. Using a connector action
• C. By running a playbook
• D. Manually, on the Event Monitor page

Correct answer: A, D

Explanation

The correct answer is A and D because incidents can be created by utilizing a custom event handler to automate responses or manually on the Event Monitor page for more direct control. Options B and C do not pertain to creating incidents directly, as connector actions and playbooks serve different purposes within the system.