Refer to the exhibit showing a FortiSOAR playbook.
You are investigating a suspicious e-mail alert on FortiSOAR, and after reviewing the executed playbook, you can see that it requires intervention.
What should be your next step?
The exhibited playbook requires intervention, which means that the playbook has reached a point where it needs a human operator to take action. The next step should be to go to the Incident Response tasks dashboard and run the pending actions. This will allow you to see the pending actions that need to be taken and to take those actions.
The other options are not correct. Option B will only show you the notification icon, but it will not allow you to run the pending input action. Option C will run the Mark Drive by Download playbook action, but this is not the correct action to take in this case. Option D is not a valid option.
Here are some additional details about pending actions in FortiSOAR:
Pending actions are actions that need to be taken by a human operator.
Pending actions are displayed in the Incident Response tasks dashboard.
Pending actions can be run by clicking on the action in the dashboard.
Billy
2 months agoRosalind
2 months agoDaniel
29 days agoAlise
1 months agoCherri
2 months agoTruman
2 months agoClarinda
1 months agoLilli
2 months agoMerilyn
2 months agoLezlie
3 months agoYuette
3 months agoRodolfo
1 months agoBrice
2 months agoWillard
2 months agoMertie
2 months agoCordelia
2 months agoCharlesetta
2 months agoRaul
2 months agoValentin
3 months agoOlive
3 months agoAfton
3 months ago