In a FortiSandbox integration, what does the remediation option do?
In a FortiSandbox integration, what does the remediation option do?
In a FortiSandbox integration, the remediation option refers to actions taken when a file is detected as malicious. The available actions typically include quarantining the infected file or alerting and notifying administrators. Since the option of quarantining is not provided among the choices, the correct answer is alerting and notifying only.
Under 'Remediation Options' section, there are only two options (Quarantine infected files, Alert & Notify only). https://docs.fortinet.com/document/forticlient/6.0.0/administration-guide/657996/configuring-submission-access-and-remediation#:~:text=disable%20this%20feature.-,Remediation%20Options,-Quarantine%20infected%20files
yes, I think it is C, although it had to wait to FortiSandbox veredict, finally the options on Remediation are just those 2: https://docs.fortinet.com/document/forticlient/7.2.0/ems-administration-guide/836582/sandbox (quarantine or Alert&Notify)
The Answer IS B Wait for FortiSandbox results before allowing file access see fortinet docs: https://docs.fortinet.com/document/forticlient/6.0.0/administration-guide/657996/configuring-submission-access-and-remediation
according the link,the Answer is C
I agree with this. Alert & Notify is one of the things remediation options can do. Both options must wait for fortisandbox to process the results before doing either option.
P.191 of FCT Study Guide 7.0
In the Study Guide, it is said: "The Remediation Actions setting allows you to select either Quarantine or Alert & Notify when a malicious file is detected." Since the answers do not have the Quarantine option, answer C is the correct one.