NSE 5 - FortiAnalyzer 7.4 Analyst Exam Materials - Question 45 Discussion

What happens when the indicator of compromise (IOC) engine on FortiAnalyzer finds web logs that match blacklisted IP addresses? (Choose one answer)

  • A. The endpoint is marked as Compromised and, optionally, can be put in quarantine.
  • B. A new Infected entry is added for the corresponding endpoint under Compromised Hosts.
  • C. The detection engine classifies those logs as Suspicious.
  • D. FortiAnalyzer flags the associated host for further analysis.
Correct Answer: B

Brave-Dump Clients Votes

B 100%

Comments



Ibrahim Eldesoki 2025-04-07 14:00:22

Selected Answers: B


B ok. Study guide: The breach detection engine on FortiAnalyzer uses FortiGuard Threat Detection Service (TDS) intelligence to analyze web filter logs for breach detection... When the threat match is found, a threat score is given to the end user based on the overall ranking score from TDS.