Which two actions should an administrator take to view Compromised Hosts on FortiAnalyzer? (Choose two.)
Which two actions should an administrator take to view Compromised Hosts on FortiAnalyzer? (Choose two.)
To view Compromised Hosts on FortiAnalyzer, an administrator should enable web filtering in firewall policies on FortiGate devices and ensure these logs are sent to FortiAnalyzer. This allows FortiAnalyzer to capture and analyze web traffic for potential threats. Additionally, enabling device detection on the FortiGate devices that are sending logs to FortiAnalyzer is crucial. Device detection helps in identifying and keeping track of endpoints, which is essential for monitoring compromised hosts effectively.
A: FortiAnalyzer downloads threat intelligence FortiGuard package (TDS) every day B: FortiAnalyzer runs real-time threat detection when it receives logs from the FortiGate web filter Reference: FortiAnalyzer Analyst Study Guide for FortiAnalyzer 7.2
A and B
A and B are correct. FortiAnalyzer Analyst Study Guide for FortiAnalyzer 7.2, p. 73
A and B are correct. FortiAnalyzer Analyst Study Guide for FortiAnalyzer 7.2, p. 73