Fortinet
FCSS_LED_AR-7.6 · Question #54
FCSS_LED_AR-7.6 Question #54: Real Exam Question with Answer & Explanation
Sign in or unlock FCSS_LED_AR-7.6 to reveal the answer and full explanation for question #54. The question stem and answer options stay visible for context.
Question
Refer to the exhibits. Examine the FortiGate configuration, FortiAnalyzer logs, and FortiGate widget shown in the exhibits. Security Fabhc quarantine automation has been configured to isolate compromised devices automatically. FortiAnalyzer has been added to the Security Fabric, and an automation stitch has been configured to quarantine compromised devices. To test the setup, a device with the IP address 10.0.2.1 that is connected through a managed FortiSwitch attempts to access a malicious website. The logs on FortiAnalyzer confirm that the event was recorded, but the device does not appear in the FortiGate quarantine widget. Which two reasons could explain why FortiGate is not quarantining the device? (Choose two.)
Exhibit
Options
- AThe IOC action should include only the FortiSwitch in the quarantine.
- BThe SSL inspection should be set to deep-Inspection
- CThe malicious website is not recognized as an indicator of compromise (IOC) by FortiAnalyzer.
- DThe threat detection services license is missing or invalid under FortiAnalyzer.
Unlock FCSS_LED_AR-7.6 to see the answer
You've previewed enough free FCSS_LED_AR-7.6 questions. Unlock FCSS_LED_AR-7.6 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.