20 Questions
Which setting can be configured to avoid receiving repeat notifications about the same event?
Minimum-interval in seconds
What are the two types of automation triggers that can be created?
Preconfigured and custom
What is the default CPU utilization threshold for the set cpu-usage-threshold CLI command?
90%
What does the High_CPU_Trigger custom trigger identify?
When the FortiGate exceeds the CPU utilization threshold
What does the Admin_Login_Failure custom trigger identify?
When a user attempts to log in to FortiGate using an invalid password
What is the Collect_Diagnostics_Action custom automation action?
A custom CLI script consisting of various diagnostic commands
What is the Email_Diagnostics_Action custom automation action?
An action that sends an email message to staff to notify them that a FortiGate device has experienced a period of high CPU utilization
What is the purpose of automation stitches?
To define the event that instructs FortiOS to take one or more actions
What is the default CPU utilization threshold for the High_CPU_Trigger custom trigger?
90%
What is the purpose of the Collect_Diagnostics_Action custom automation action?
To run a custom CLI script consisting of various diagnostic commands that help to identify the cause of performance issues on FortiGate
Which device can trigger event handlers for automated actions in the Security Fabric?
Any device in the Security Fabric
What is the purpose of the Minimum interval setting in configuring automated actions?
To prevent the administrator from receiving repeat alert notifications about the same event
What are automated workflows in FortiOS called?
Stitches
Can stitches be configured for devices outside of the Security Fabric?
Yes, stitches can be configured for any device
Where should stitches be configured if a Security Fabric is present?
On all FortiGate devices in the Security Fabric
Do stitches need to be reconfigured on each leaf FortiGate device?
No, stitches configured on the root FortiGate are pushed to the relevant leaf FortiGate devices
What is the purpose of automation stitches in FortiOS?
To take appropriate action when the Security Fabric detects a threat or other actionable event
What are some examples of event sources that can trigger automation stitches?
FortiOS event logs with customizable filters, IoC’s, and event handlers from FortiAnalyzer
Is a Security Fabric required to use stitches in FortiOS?
No, a Security Fabric is not required to use stitches
Can automation stitches be used to detect events from sources outside of FortiOS?
Yes, automation stitches can detect events from many sources
Test your knowledge on configuring automated actions and event triggers in FortiOS with this quiz. Learn about setting minimum intervals, creating event handlers and stitches, and more.
Make Your Own Quizzes and Flashcards
Convert your notes into interactive study material.
Get started for free