Questions and Answers
Which type of incidents can you correlate using custom Purdue-level business services?
- IT incidents only
- OT incidents only
- Security incidents
- IT and OT incidents (correct)
How many groups have been created based on the Purdue model for custom OT business services?
- Seven groups
- Four groups
- Five groups
- Six groups (correct)
What devices are listed as Purdue level 1 devices in the example shown on the slide?
- PLC1-PCN-A1 (correct)
- PLC1-PCN-A4
- PLC1-PCN-A2
- PLC1-PCN-A3
Which search operators can be used in analytical searches?
What can you use data aggregation for in FortiSIEM?
What process does data aggregation involve?
What is the purpose of CMDB Lookups in analytics?
Which IP addresses are used in the example for event filtering?
What is the purpose of business services in analytical searches?
What mathematical operations can be performed using data aggregation in FortiSIEM?
Which mathematical operations can be performed using FortiSIEM?
Which function expression can be used to calculate the average temperature in Fahrenheit?
What is the purpose of setting up a structured query for host IP and event type temperature over a three-hour period?
Which attributes should be selected in the Display Fields section for Group By in order to see the average temperature count values for each hardware component of the fuel server?
What does the COUNT aggregation function calculate in FortiSIEM?
How often are the events being polled in the example?
What values were taken for each event in the example?
What type of data does FortiSIEM provide aggregation capabilities for?
What does the AVG aggregation function calculate in FortiSIEM?