Mastering Automation Stitches for Network Threat Monitoring

Questions and Answers

Which view in the FortiGate GUI displays the physical structure of your network and the connections between devices?

• Device Management view
• Physical Topology view (correct)
• Logical Topology view
• Security Fabric Rating view

What can you do in the topology views of the FortiGate GUI?

• Authorize or deauthorize access devices
• Upgrade devices
• Connect to device CLI
• All of the above (correct)

Which devices are shown in the topology views of the FortiGate GUI?

• Devices with a security rating license
• All devices in the network
• FortiSwitch and FortiAP only (correct)
• Fortinet and non-Fortinet devices

What are the three major scorecards in the Security Fabric Rating?

Security Posture, Fabric Coverage, Optimization (D)

What does clicking a scorecard in the Security Fabric Rating do?

Displays itemized results and compliance recommendations (D)

What is required to access the security rating service?

A security rating license (A)

What can you do with the Security Fabric topology views in the FortiGate GUI?

All of the above (D)

Which of the following is NOT an example of a source that can trigger an automation stitch?

Database queries (C)

What is the default CPU utilization threshold for the High_CPU_Trigger custom automation trigger?

90% (C)

Which of the following is NOT a part of the Collect_Diagnostics_Action custom automation action?

Sending an email notification (C)

What happens if there is a failure in any action during sequential execution of automation actions?

Execution stops and no further actions are processed (D)

Can action parameters from previous actions be used as input in parallel execution of automation actions?

No (D)

How many triggers can be selected for a single automation stitch?

Only 1 (B)

How are multiple automation actions executed in a stitch?

In parallel (C)

Which type of execution allows you to configure a delay between actions?

Sequential execution (A)

What happens when using sequential execution in the FortiGate GUI?

Actions are executed in order (C)

What occurs after the High_CPU_Trigger in the example shown on the slide?

Collect_Diagnostics_Action runs (D)

What is the purpose of the 30-second delay in the example?

To allow time for CLI diagnostic commands to finish (C)

What does the Email_Diagnostics_Action use as a parameter for the email message?

Output of CLI diagnostic commands (D)

In the FortiGate GUI, what does parallel execution allow you to do?

Execute actions simultaneously (D)

What is the purpose of the automation stitch in the example?

To execute actions sequentially (A)

What can you do with action parameters when using sequential execution?

Use parameters from previous actions as input for the current action (B)

What forms the body of the email message in the example?

%%results%% (B)

Which of the following is NOT one of the major scorecards in the Security Rating page?

Compliance Recommendations (B)

What does the Security Posture scorecard on the Security Rating page provide?

Executive summary of security focus areas (D)

What does the term 'customer ranking' refer to in the context of the security audit information?

Ranking of customers based on security audit data (C)

What can be done using automation stitches in the Security Fabric?

Automatic response to preprogrammed events (A)

Where should stitches be configured in a Security Fabric?

On the root FortiGate (D)

What is the purpose of configuring the Minimum interval setting for stitches?

To prevent repeat alert notifications (A)

Is a Security Fabric a requirement to use stitches?

No (B)