
nse5_faz-72 Exam - Question 31


Refer to the exhibit.

Which statement is correct regarding the event displayed?

Correct Answer: AB

The event status is listed as 'Mitigated,' which means the security risk was addressed by being blocked or dropped. Therefore, the correct statement is that the security risk was blocked or dropped.

Discussion

4 comments
DCT (Option: B)
Feb 25, 2024

Answer is B.

| Event status | Description |
|---|---|
| Unhandled | The security event risk is not mitigated or contained, so it is considered open. Example: an IPS/AV log with action=pass will have the event status Unhandled. Botnet and IoC events are also considered Unhandled. |
| Contained | The risk source is isolated. Example: an AV log with action=quarantine will have the event status Contained. |
| Mitigated | The security risk is mitigated by being blocked or dropped. Example: an IPS/AV log with action=block/drop will have the event status Mitigated. |
| (Blank) | Other scenarios. |

DCT (Option: B)
Feb 23, 2024

Answer is B.

| Event status | Description |
|---|---|
| Unhandled | The security event risk is not mitigated or contained, so it is considered open. Example: an IPS/AV log with action=pass will have the event status Unhandled. Botnet and IoC events are also considered Unhandled. |
| Contained | The risk source is isolated. Example: an AV log with action=quarantine will have the event status Contained. |
| Mitigated | The security risk is mitigated by being blocked or dropped. Example: an IPS/AV log with action=block/drop will have the event status Mitigated. |
| (Blank) | Other scenarios. |

rian00z_ (Option: B)
Apr 10, 2024

B is correct

Halmonte0780 (Option: B)
May 19, 2024

FortiAnalyzer Analyst Study Guide for FortiAnalyzer 7.2 page 111