NSE 5 – FortiSIEM 5.2 — Question 7

In the rules engine, which condition instructs FortiSIEM to summarize and count the matching evaluated data?

Answer options

• A. Time Window
• B. Aggregation
• C. Group By
• D. Filters

Correct answer: C

Explanation

The correct answer is C, Group By, as it allows for the summarization and counting of data based on specified attributes. Option A, Time Window, refers to the duration for which data is evaluated, while B, Aggregation, involves combining data but not necessarily counting it. D, Filters, are used to exclude certain data points rather than summarize them.