FCSS – SOC Analyst 7.4 — Question 8

Which statement describes automation stitch integration between FortiGate and FortiAnalyzer?

Answer options

• A. An automation stitch is configured on FortiAnalyzer and mapped to FortiGate using the FortiOS connector.
• B. An event handler on FortiAnalyzer is configured to send a notification to FortiGate to trigger an automation stitch.
• C. A security profile on FortiGate triggers a violation and FortiGate sends a webhook call to FortiAnalyzer.
• D. An event handler on FortiAnalyzer executes an automation stitch when an event is created.

Correct answer: B

Explanation

The correct answer, B, is right because it highlights that an event handler on FortiAnalyzer is responsible for notifying FortiGate to start the automation stitch. Option A incorrectly states that the automation stitch is mapped from FortiAnalyzer to FortiGate, while C misrepresents the triggering process by focusing on a webhook call instead of the event handler. Option D, while related, does not accurately capture the notification aspect between the two devices.