Fortinet
NSE7_SOC_AR-7.6 · Question #12
NSE7_SOC_AR-7.6 Question #12: Real Exam Question with Answer & Explanation
Sign in or unlock NSE7_SOC_AR-7.6 to reveal the answer and full explanation for question #12. The question stem and answer options stay visible for context.
Question
Refer to the exhibit. You notice that the custom event handler you configured to detect SMTP reconnaissance activities is creating a large number of events. This is overwhelming your notification system. How can you fix this?
Exhibit
Options
- AIncrease the trigger count so that it identifies and reduces the count triggered by a particular
- BDisable the custom event handler because it is not working as expected.
- CDecrease the time range that the custom event handler covers during the attack.
- DIncrease the log field value so that it looks for more unique field values when it creates the
Unlock NSE7_SOC_AR-7.6 to see the answer
You've previewed enough free NSE7_SOC_AR-7.6 questions. Unlock NSE7_SOC_AR-7.6 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.