BlackFriday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Fortinet Exam NSE5_FAZ-7.2 Topic 4 Question 22 Discussion

Actual exam question for Fortinet's NSE5_FAZ-7.2 exam
Question #: 22
Topic #: 4
[All NSE5_FAZ-7.2 Questions]

Which log will generate an event with the status Contained?

Show Suggested Answer Hide Answer
Suggested Answer: C

by Hailey at Jun 24, 2024, 07:58 PM

Limited Time Offer

25%

Off

Get Premium NSE5_FAZ-7.2 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Felicidad
4 months ago
Ha! You guys are hilarious. I bet half of you are just guessing. But I'll take my chances with C. Quarantine sounds like a good time to me.
upvoted 0 times
Aleisha
3 months ago
I agree with you, I'll choose C) An AV log with action=quarantine. Quarantine does sound like the right status.
upvoted 0 times
...
Rolande
3 months ago
I'll go with D) An AppControl log with action=blocked. Sounds like the right choice to me.
upvoted 0 times
...
Zachary
3 months ago
I'm going with B) A WebFilter log with action=dropped. That's gotta be it.
upvoted 0 times
...
Dulce
3 months ago
I think A) An IPS log with action=pass is the one that generates an event with the status Contained.
upvoted 0 times
...
Annette
3 months ago
I agree with you, C) An AV log with action=quarantine sounds like the right choice.
upvoted 0 times
...
Lachelle
3 months ago
I'm going with D) An AppControl log with action=blocked.
upvoted 0 times
...
Willodean
3 months ago
I think it's A) An IPS log with action=pass.
upvoted 0 times
...
Rebecka
3 months ago
I agree with you, C sounds like the most logical choice. Quarantine it is!
upvoted 0 times
...
Geraldine
4 months ago
I think D is the correct answer. Blocked sounds pretty final.
upvoted 0 times
...
Kanisha
4 months ago
I'm going with A. Pass seems like the right status.
upvoted 0 times
...
...
Viola
4 months ago
Nah, I think you're all missing the point. The AppControl log is where the magic happens. Blocked is the new black, am I right?
upvoted 0 times
Norah
3 months ago
I think the WebFilter log with action=dropped is also important, but AppControl log is definitely key.
upvoted 0 times
...
Lenita
4 months ago
I agree, AppControl log with action=blocked is where the real action is.
upvoted 0 times
...
...
Delisa
4 months ago
I agree with Ressie, the status Contained seems more likely to be generated by an IPS log with action=pass.
upvoted 0 times
...
Ressie
4 months ago
But the question specifically mentions the status Contained, which makes me think it's A.
upvoted 0 times
...
Denny
5 months ago
I disagree, I believe it's C) An AV log with action=quarantine.
upvoted 0 times
...
Tyisha
5 months ago
Dude, the WebFilter log is the real deal. Dropped connections are where the party's at.
upvoted 0 times
...
Mary
5 months ago
C'mon, everyone knows the AV log is where it's at for some Contained action. Quarantine all the way!
upvoted 0 times
Alfreda
4 months ago
No way, it's definitely the AV log with action=quarantine.
upvoted 0 times
...
Pearly
4 months ago
I think it's actually the IPS log with action=pass.
upvoted 0 times
...
...
Ressie
5 months ago
I think the answer is A) An IPS log with action=pass.
upvoted 0 times
...

Save Cancel