Fortinet
FCNSP Question #33: Real Exam Question with Answer & Explanation
Question
An administrator is examining the attack logs and notices the following entry:

device_id=FG100A3907508962 log_id=18432 subtype=anomaly type=ips timestamp=1270017358 pri=alert itime=1270017893 severity=critical src=192.168.1.52 dst=64.64.64.64 src_int=internal serial=0 status=clear_session proto=6 service=http vd=root count=1 src_port=35094 dst_port=80 attack_id=100663402 sensor=protect-servers 1" policyid=0 carrier_ep=N/A profile=N/A dst_int=N/A user=N/A group=N/A

Based solely upon this log message, which of the following statements is correct?
Options
- A. This attack was blocked by the HTTP protocol decoder.
- B. This attack was caught by the DoS sensor "protect-servers".
- C. This attack was launched against the FortiGate unit itself rather than a host behind the FortiGate unit.
- D. The number of concurrent connections to destination IP address 64.64.64.64 has exceeded the configured