Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

Fortinet Exam NSE8_812 Topic 4 Question 42 Discussion

Actual exam question for Fortinet's NSE8_812 exam
Question #: 42
Topic #: 4
[All NSE8_812 Questions]

Refer to the exhibit showing a FortiSOAR playbook.

You are investigating a suspicious e-mail alert on FortiSOAR, and after reviewing the executed playbook, you can see that it requires intervention.

What should be your next step?

Show Suggested Answer Hide Answer
Suggested Answer: A

The exhibited playbook requires intervention, which means that the playbook has reached a point where it needs a human operator to take action. The next step should be to go to the Incident Response tasks dashboard and run the pending actions. This will allow you to see the pending actions that need to be taken and to take those actions.

The other options are not correct. Option B will only show you the notification icon, but it will not allow you to run the pending input action. Option C will run the Mark Drive by Download playbook action, but this is not the correct action to take in this case. Option D is not a valid option.

Here are some additional details about pending actions in FortiSOAR:

Pending actions are actions that need to be taken by a human operator.

Pending actions are displayed in the Incident Response tasks dashboard.

Pending actions can be run by clicking on the action in the dashboard.


by Princess at Feb 08, 2025, 07:42 PM

Limited Time Offer

25%

Off

Get Premium NSE8_812 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Wilda
6 days ago
D? Really? Replying to the email? That's like trying to put out a forest fire with a squirt gun. No, no, no, gotta be B, that's the only sensible option here.
upvoted 0 times
...
Lucina
9 days ago
I'd say A is the play. Gotta head over to that Incident Response dashboard and take care of business. Can't leave those actions hanging, you know?
upvoted 0 times
...
Sheldon
14 days ago
I'm not sure, but I think option B) Click on the notification icon on FortiSOAR GUI and run the pending input action could also be a valid choice.
upvoted 0 times
...
Theodora
21 days ago
I agree with Inocencia. Running the pending actions seems like the most logical next step.
upvoted 0 times
...
Shaniqua
21 days ago
Hmm, looks like option B is the way to go here. Click on that notification icon and get those pending actions running! Better not let those playbook tasks sit around collecting dust.
upvoted 0 times
Lavonna
1 days ago
User 1: I agree, option B seems like the most efficient choice.
upvoted 0 times
...
...
Inocencia
24 days ago
I think the next step should be A) Go to the Incident Response tasks dashboard and run the pending actions.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77