Exhibit.

Based on the partial outputs displayed, which devices can be members of a FortiAnalyzer Fabric?
Refer to the exhibit.

An analyst is using FortiView to look at the top threats recorded by FortiAnalyzer in the last 2 hours. What can the analyst conclude from the exhibit? (Choose one answer)
As part of your analysis, you discover that a Medium severity level incident is fully remediated.
You change the incident status to Closed:Remediated.
Which statement about your update is true?
Refer to the exhibits.

The event shown in the exhibit has been escalated to an incident.
Which SOC role is responsible for handling the escalated incident?
You are trying to configure a task in the playbook editor to run a report.
However, when you try to select the desired playbook, you do to see it listed.
What is the reason?
After generating a report, you notice the information you were expecting to see is not included in it. However, you confirm that the logs are there:
Which two actions should you perform? (Choose two.)
Exhibit.

What is the purpose of using the Chart Builder feature on FortiAnalyzer?
(An analyst is using FortiAI on FortiAnalyzer to simplify certain tasks but is worried about exceeding the monthly token limit. Which query will take the fewest FortiAI tokens? (Choose one answer)
Which statement correctly describes one difference between templates and reports?
(Refer to the exhibit.

Which two observations can you make after reviewing this log entry? (Choose two answers)
Refer to the exhibit.

An analyst is using FortiView to examine the top threats observed over the last 2 hours. What can the analyst conclude from the exhibit?
(Which two parameters does FortiAnalyzer use to identify an indicator of compromise (IOC)? (Choose two answers)