Based on the FortiGate Security Fabric settings shown in the exhibits, what must an administrator do on the EMS server to successfully quarantine an endpoint. when it is detected as a compromised host (loC)?
Haha, I hear you, Valene. This question is really making me question my life choices. Maybe we should just start guessing and see what happens. After all, that's how I got through most of my college exams.
Hold on, I think I remember something about having to update the signature database from FortiSandbox. That sounds like the right answer to me. Let me double-check the documentation on that.
You guys are overthinking this. The real answer is that real-time protection is probably disabled by default on a Windows Server. Why would you need that kind of protection on a server?
I'm not too sure about that. Wouldn't it make more sense for real-time protection to send any undetected malicious files to FortiSandbox for further analysis? That's what I would expect the default behavior to be.
You know, I'm starting to get a headache just thinking about this. Why are they asking us about the default behavior of real-time protection on a Windows Server? Shouldn't we be focused on more important topics, like how to optimize our FortiClient deployment for maximum security?
Hold on, guys. Isn't option A also a possibility? I mean, the real-time protection would need to update the AV signature database to be effective, right? This question is really making me think.
Hmm, this is an interesting question. I think the default behavior of real-time protection control is that it must update the AV signature database. That seems like the most logical option to me.
Hmm, I'm not so sure. What if the question is trying to trick us? I'm leaning towards option D - updating the signature database from FortiSandbox. That seems like a logical default behavior for real-time protection.
I agree, option B seems to be the correct answer. FortiClient's real-time protection is designed to send unknown or suspicious files to FortiSandbox for analysis, rather than just disabling the feature entirely.
This question seems straightforward, but it's important to understand the default behavior of FortiClient's real-time protection on a Windows Server. I'm thinking option B sounds like the most likely default behavior.
upvoted 0 times
...
Log in to Pass4Success
Sign in:
Report Comment
Is the comment made by USERNAME spam or abusive?
Commenting
In order to participate in the comments you need to be logged-in.
You can sign-up or
login
Niesha
10 months agoKaitlyn
10 months agoSharen
10 months agoNiesha
10 months agoMabelle
10 months agoKimberely
10 months agoTijuana
10 months agoBuck
12 months agoLeonora
1 years agoRosio
1 years agoHerminia
11 months agoMelvin
11 months agoEleonore
11 months agoEmiko
1 years agoMarta
1 years agoNikita
12 months agoSamira
12 months agoKelvin
12 months agoShasta
12 months agoDevora
12 months agoYuriko
12 months agoLachelle
12 months agoValene
1 years agoClorinda
1 years agoCorinne
1 years agoHarrison
1 years agoOllie
1 years agoNa
1 years ago