Which two statements about FortiSoC and SOAR features on FortiAnalyzer are true?

An administrator wants to use FortiSoC and SOAR features on a FortiAnalyzer device to detect and block any unauthorized access to FortiGate devices in an OT network.

Which two statements about FortiSoC and SOAR features on FortiAnalyzer are true? (Choose two.)
A. You must set correct operator in event handler to trigger an event.
B. You can automate SOC tasks through playbooks.
C. Each playbook can include multiple triggers.
D. You cannot use Windows and Linux hosts security events with FortiSoC.

Answer: A,B

Explanation:

Ref: https://docs.fortinet.com/document/fortianalyzer/7.0.0/administration-guide/268882/fortisoc
