Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Fortinet Exam NSE5_FCT-7.0 Topic 6 Question 36 Discussion

Actual exam question for Fortinet's NSE5_FCT-7.0 exam
Question #: 36
Topic #: 6
[All NSE5_FCT-7.0 Questions]

Refer to the exhibits.

Based on the FortiGate Security Fabric settings shown in the exhibits, what must an administrator do on the EMS server to successfully quarantine an endpoint. when it is detected as a compromised host (loC)?

Show Suggested Answer Hide Answer
Suggested Answer: C

Contribute your Thoughts:

Niesha
10 months ago
Really? I didn't know that. Maybe it's better to enable it for added security.
upvoted 0 times
...
Kaitlyn
10 months ago
Actually, I believe real-time protection is disabled by default on FortiClient.
upvoted 0 times
...
Sharen
10 months ago
I agree with It makes sense to keep the signature database up to date for better protection.
upvoted 0 times
...
Niesha
10 months ago
I think the default behavior of real-time protection control is to update the AV signature database.
upvoted 0 times
...
Mabelle
10 months ago
Based on the options, it seems like real-time protection sends malicious files to FortiSandbox when they are not detected locally.
upvoted 0 times
...
Kimberely
10 months ago
But what if the file is not detected locally? Does it send it to FortiSandbox?
upvoted 0 times
...
Tijuana
10 months ago
I agree, it's important to keep the signature database up to date to protect against new threats.
upvoted 0 times
...
Buck
12 months ago
I think the default behavior is that real-time protection must update AV signature database.
upvoted 0 times
...
Leonora
1 years ago
Haha, I hear you, Valene. This question is really making me question my life choices. Maybe we should just start guessing and see what happens. After all, that's how I got through most of my college exams.
upvoted 0 times
...
Rosio
1 years ago
Hold on, I think I remember something about having to update the signature database from FortiSandbox. That sounds like the right answer to me. Let me double-check the documentation on that.
upvoted 0 times
Herminia
11 months ago
Actually, I remember reading that real-time protection sends malicious files to FortiSandbox. So, I believe that's the default behavior.
upvoted 0 times
...
Melvin
11 months ago
Are you sure about that? I thought real-time protection sends malicious files to FortiSandbox when the file is not detected locally.
upvoted 0 times
...
Eleonore
11 months ago
I think the default behavior is that real-time protection must update the signature database from FortiSandbox.
upvoted 0 times
...
...
Emiko
1 years ago
You guys are overthinking this. The real answer is that real-time protection is probably disabled by default on a Windows Server. Why would you need that kind of protection on a server?
upvoted 0 times
...
Marta
1 years ago
I'm not too sure about that. Wouldn't it make more sense for real-time protection to send any undetected malicious files to FortiSandbox for further analysis? That's what I would expect the default behavior to be.
upvoted 0 times
Nikita
12 months ago
C) Real-time protection is disabled
upvoted 0 times
...
Samira
12 months ago
I see your point. It could be beneficial to update the signature database from FortiSandbox.
upvoted 0 times
...
Kelvin
12 months ago
D) Real-time protection must update the signature database from FortiSandbox
upvoted 0 times
...
Shasta
12 months ago
But wouldn't it be more efficient to send unknown files to FortiSandbox?
upvoted 0 times
...
Devora
12 months ago
A) Real-time protection must update AV signature database
upvoted 0 times
...
Yuriko
12 months ago
That's a good point. It does make sense to send undetected files to FortiSandbox for further analysis.
upvoted 0 times
...
Lachelle
12 months ago
B) Real-time protection sends malicious files to FortiSandbox when the file is not detected locally
upvoted 0 times
...
...
Valene
1 years ago
You know, I'm starting to get a headache just thinking about this. Why are they asking us about the default behavior of real-time protection on a Windows Server? Shouldn't we be focused on more important topics, like how to optimize our FortiClient deployment for maximum security?
upvoted 0 times
...
Clorinda
1 years ago
Hold on, guys. Isn't option A also a possibility? I mean, the real-time protection would need to update the AV signature database to be effective, right? This question is really making me think.
upvoted 0 times
...
Corinne
1 years ago
Hmm, this is an interesting question. I think the default behavior of real-time protection control is that it must update the AV signature database. That seems like the most logical option to me.
upvoted 0 times
...
Harrison
1 years ago
Hmm, I'm not so sure. What if the question is trying to trick us? I'm leaning towards option D - updating the signature database from FortiSandbox. That seems like a logical default behavior for real-time protection.
upvoted 0 times
...
Ollie
1 years ago
I agree, option B seems to be the correct answer. FortiClient's real-time protection is designed to send unknown or suspicious files to FortiSandbox for analysis, rather than just disabling the feature entirely.
upvoted 0 times
...
Na
1 years ago
This question seems straightforward, but it's important to understand the default behavior of FortiClient's real-time protection on a Windows Server. I'm thinking option B sounds like the most likely default behavior.
upvoted 0 times
...

Save Cancel