Fortinet Exam FCP_FAZ_AN-7.4 Topic 2 Question 9 Discussion

Actual exam question for Fortinet's FCP_FAZ_AN-7.4 exam
Question #: 9
Topic #: 2

What happens when the indicator of compromise (IOC) engine on FortiAnalyzer finds web logs that match blacklisted IP addresses?

Suggested Answer: B

Contribute your Thoughts:

Antonio
10 days ago
Option D is the way to go. Quarantining the compromised endpoint is the best way to prevent further damage. Hopefully, the user has a good warranty on their device.
upvoted 0 times
...
Hillary
13 days ago
C is my pick. Classifying the logs as suspicious is a good first step, but I'd expect more actions to be taken as well.
upvoted 0 times
...
Gladis
14 days ago
Haha, I bet the correct answer is actually that the FortiAnalyzer orders a pizza for the suspicious user. Gotta keep those hackers fed, right?
upvoted 0 times
Mila
2 days ago
A) FortiAnalyzer flags the associated host for further analysis.
upvoted 0 times
...
...
Pamela
23 days ago
I believe the answer is D) The endpoint is marked as Compromised and can be put in quarantine, to prevent further damage.
upvoted 0 times
...
Cheryl
24 days ago
I agree with Dean, because it makes sense to investigate further when a blacklisted IP address is detected.
upvoted 0 times
...
Gail
30 days ago
I'm going with B. Adding a new infected entry under Compromised Hosts helps keep track of the issue and take appropriate action.
upvoted 0 times
...
Stephanie
1 month ago
Option D seems like the most comprehensive response. Marking the endpoint as compromised and the ability to quarantine it is a crucial security measure.
upvoted 0 times
Nicolette
9 days ago
B) A new infected entry is added for the corresponding endpoint under Compromised Hosts.
upvoted 0 times
...
Abraham
22 days ago
A) FortiAnalyzer flags the associated host for further analysis.
upvoted 0 times
...
...
Dean
1 month ago
I think the answer is A) FortiAnalyzer flags the associated host for further analysis.
upvoted 0 times
...
