Refer to the exhibit.
Based on the Security Fabric automation settings, what action will be taken on compromised endpoints?
Based on the Security Fabric automation settings shown in the exhibit:
The automation stitch is configured with a trigger for a 'Compromised Host.'
The action specified for this trigger is 'Quarantine FortiClient via EMS.'
This indicates that when an endpoint is detected as compromised, FortiClient EMS will quarantine the endpoint as part of the automation process.
Therefore, the action taken on compromised endpoints will be to quarantine them through EMS.
Reference
FortiGate Security 7.2 Study Guide, Automation Stitches and Actions Section
Fortinet Documentation on Configuring Automation Stitches and Quarantine Actions
Whitney
6 months agoEssie
6 months agoVelda
5 months agoGraciela
5 months agoMarkus
6 months agoHollis
5 months agoDyan
5 months agoMaybelle
5 months agoMozell
5 months agoLynette
6 months agoCassandra
6 months agoXochitl
6 months agoRosamond
6 months agoDalene
6 months agoSylvia
6 months agoTeresita
6 months agoAleisha
6 months agoWillard
6 months agoAleisha
6 months agoTegan
6 months agoLynda
6 months agoMabel
6 months agoFrederick
6 months agoMireya
6 months ago