NSE 7 – OT Security 6.4 — Question 32
An OT administrator deployed many devices to secure the OT network. However, the SOC team is reporting that there are too many alerts, and that many of the alerts are false positives. The OT administrator would like to find a solution that eliminates repetitive tasks, improves efficiency, saves time, and saves resources.
Which products should the administrator deploy to address these issues and automate most of the manual tasks done by the SOC team?
Answer options
- A. FortiSIEM and FortiManager
- B. FortiSandbox and FortiSIEM
- C. FortiSOAR and FortiSIEM
- D. A syslog server and FortiSIEM
Correct answer: C
Explanation
The correct answer is C, as FortiSOAR is specifically designed for security orchestration, automation, and response, which can significantly reduce manual tasks and improve operational efficiency for the SOC team. Options A and B do not focus on automation to the same extent, and D, while providing some logging capabilities, lacks the automation features needed to address the high number of alerts effectively.