20 Questions
Which chart allows administrators to narrow down what logs will be analyzed based on a time range?
Log Count Chart
What adjusts the details shown in the SIEM log table based on the selected time frame?
Log Count Chart
What section of the Threat Hunting dashboard displays the total log count during the specified time range?
Log Count Chart
How can you zoom in and out on the displayed time range in the Log Count chart?
All of the above
What logs are shown in the SIEM log analytics table?
Only logs displayed within the time period visible in the chart
What information is displayed in the left pane of the SIEM log analytics table?
List of fields of interest
What can you do by double-clicking an item in the SIEM log analytics table?
Open the detailed log information
What does the resulting view of the detailed log information include?
Filtering functions available in Log View
What statistics are displayed in the SIEM log analytics table?
Count: number of logs, percentage, sent bytes, and session duration information
What is the purpose of the Log Count chart?
To display the total log count during the specified time range
According to the text, what is the purpose of the FortiAnalyzer Outbreak Detection Service?
To detect and respond to emerging outbreaks
Based on the text, what is the purpose of reports in FortiAnalyzer?
To summarize large amounts of logged data
According to the text, what triggered the creation of a new incident in the SOC team?
Discovery of DNS tunnelling
Based on the MITRE ATT&CK framework, which tactic and technique were used in the example?
Exfiltration over alternative protocol and DNS tunnelling
What did the analyst use to discover the unusual amount of DNS traffic?
Log Chart
What action did the SOC team take after determining the host had been compromised?
Start containment and eradication steps
According to the text, what is the purpose of the Outbreak Detection Service?
To detect and respond to emerging outbreaks
What does the Log Chart help the analyst discover?
Unusual amount of DNS traffic
What information did the DNS logs reveal about the abnormal DNS traffic?
The source IP address
What does the FortiAnalyzer retrieve and present in reports?
Patterns and trends in network activity
Test your knowledge on Log Count Charts and their functionality in analyzing logs based on time ranges. Learn how to use the Log Count chart in a SIEM log table and explore its role in the Threat Hunting dashboard.