ExamTopics Logo
Mail Us[email protected]
Menu
Fortinet Discussions
exam questions

Exam NSE5_FAZ-7.2 All Questions

View all questions & answers for the NSE5_FAZ-7.2 exam
Go to Exam

Exam NSE5_FAZ-7.2 topic 1 question 25 discussion

Actual exam question from Fortinet's NSE5_FAZ-7.2
Question #: 25
Topic #: 1
[All NSE5_FAZ-7.2 Questions]

What happens when the IOC breach detection engine on FortiAnalyzer finds web logs that match a blocklisted IP address?

  • A. The endpoint is marked as Compromised and, optionally, can be put in quarantine.
  • B. FortiAnalyzer flags the associated host for further analysis.
  • C. A new Infected entry is added for the corresponding endpoint.
  • D. The detection engine classifies those logs as Suspicious.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by amiranda46 at Nov. 8, 2023, 5:17 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Alexh07
2 months, 3 weeks ago
Selected Answer: C
Answer Correct is C In FortiAnalyzer Analyst 7.2 Study Guide, p. 73 "The breach detection engine on FortiAnalyzer uses Fortiguard Threat DEtection Service (TDS) intelligence to analyze web filter logs for breach detection...When the threat match is found, a threat score is given to the end user based on the overall ranking score from TDS"
upvoted 2 times
...
[Removed]
2 months, 4 weeks ago
Selected Answer: C
C is correct
upvoted 1 times
...
LAFNELL
6 months, 1 week ago
Selected Answer: C
C is correct
upvoted 1 times
...
Thomas_2020
6 months, 4 weeks ago
C correct
upvoted 1 times
...
r_jordan
7 months ago
Selected Answer: C
C is correct
upvoted 2 times
...
paytenj10
7 months ago
If a match is found in the blacklist, then FortiAnalyzer displays the endpoint in Compromised Hosts with a Verdict of Infected. The answer is C
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago