Based on the event shown in the exhibit, which two statements about the event are true? (Choose two.)
Based on the event shown in the exhibit, which two statements about the event are true? (Choose two.)
The event is related to Training-eXtended Detection, which operates in simulation mode, and the playbooks are configured for this event, indicated by the device being moved automatically between collector groups.
the correct answer are B and D, FortiEDR study guide pag 96
that is incorrect, A and D are correct, the device was moved to the HSG (by playbook), it wasnt isolated
The correct answer are B and D Any policy in Simulation Mode, has the next label Simulation Device PC-X was moved from collector group Default-Group to collector group High Security Collector Group once Simulation Device PC-Y was isolated once In this case device wasnt isolated.
eXtended Detection Policy operates only in simulation mode, A&D are correct
A&D,I check the FortiEDR study guide pag 96,but i think A and D is correct
BD are the right answers study guide p96
A & D Correct
the correct answer is A and D.
the correct answer is A and D
first, it was an extended detection. So automation plays a rule here. Extended detections operates in simulation mode