Which step must the administrator take to achieve this task?

NSE7_OTS-7.2 V2 0 Comments

An OT administrator is defining an incident notification policy using FortiSIEM and would like to configure the system with a notification policy. If an incident occurs, the administrator would like to be able to intervene and block an IP address or disable a user in Active Directory from FortiSIEM.

Which step must the administrator take to achieve this task?
A . Configure a fabric connector with a notification policy on FortiSIEM to connect with FortiGate.
B . Create a notification policy and define a script/remediation on FortiSIEM.
C . Define a script/remediation on FortiManager and enable a notification rule on FortiSIEM.
D . Deploy a mitigation script on Active Directory and create a notification policy on FortiSIEM.

Answer: B

Explanation:

https://fusecommunity.fortinet.com/blogs/silviu/2022/04/12/fortisiempublishingscript

Latest NSE7_OTS-7.2 Dumps Valid Version with 49 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download NSE7_OTS-7.2 PDF     NSE7_OTS-7.2 Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments