Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25%
- Ends In
00:00:00
Coupon code:
SAVE25
X
Welcome to Pass4Success
Login
|
Sign up
-
Free
Preparation Discussions
Mail Us
support@pass4success.com
Location
PL
MENU
Home
Popular vendors
Salesforce
Microsoft
Nutanix
Cisco
Amazon
Google
CompTIA
SAP
VMware
Oracle
Fortinet
PeopleCert
Eccouncil
HP
Palo Alto Networks
Adobe
ISC2
ServiceNow
Dell EMC
CheckPoint
Discount Deals
New
About
Contact
Login
Sign up
Home
Discussions
Fortinet Discussions
Exam NSE5_FAZ-7.2 Topic 4 Question 22 Discussion
Fortinet Exam NSE5_FAZ-7.2 Topic 4 Question 22 Discussion
Actual exam question for Fortinet's NSE5_FAZ-7.2 exam
Question #: 22
Topic #: 4
[All NSE5_FAZ-7.2 Questions]
Which log will generate an event with the status Contained?
A
An IPS log with action=pass.
B
A WebFilter log with action=dropped.
C
An AV log with action=quarantine.
D
An AppControl log with action=blocked.
Show Suggested Answer
Hide Answer
Suggested Answer:
C
by
Hailey
at
Jun 24, 2024, 07:58 PM
Limited Time Offer
25%
Off
Get Premium NSE5_FAZ-7.2 Questions as Interactive Web-Based Practice Test or PDF
Contribute your Thoughts:
Submit
Cancel
Felicidad
5 months ago
Ha! You guys are hilarious. I bet half of you are just guessing. But I'll take my chances with C. Quarantine sounds like a good time to me.
upvoted
0
times
Aleisha
3 months ago
I agree with you, I'll choose C) An AV log with action=quarantine. Quarantine does sound like the right status.
upvoted
0
times
...
Rolande
3 months ago
I'll go with D) An AppControl log with action=blocked. Sounds like the right choice to me.
upvoted
0
times
...
Zachary
4 months ago
I'm going with B) A WebFilter log with action=dropped. That's gotta be it.
upvoted
0
times
...
Dulce
4 months ago
I think A) An IPS log with action=pass is the one that generates an event with the status Contained.
upvoted
0
times
...
Annette
4 months ago
I agree with you, C) An AV log with action=quarantine sounds like the right choice.
upvoted
0
times
...
Lachelle
4 months ago
I'm going with D) An AppControl log with action=blocked.
upvoted
0
times
...
Willodean
4 months ago
I think it's A) An IPS log with action=pass.
upvoted
0
times
...
Rebecka
4 months ago
I agree with you, C sounds like the most logical choice. Quarantine it is!
upvoted
0
times
...
Geraldine
4 months ago
I think D is the correct answer. Blocked sounds pretty final.
upvoted
0
times
...
Kanisha
4 months ago
I'm going with A. Pass seems like the right status.
upvoted
0
times
...
...
Viola
5 months ago
Nah, I think you're all missing the point. The AppControl log is where the magic happens. Blocked is the new black, am I right?
upvoted
0
times
Norah
4 months ago
I think the WebFilter log with action=dropped is also important, but AppControl log is definitely key.
upvoted
0
times
...
Lenita
4 months ago
I agree, AppControl log with action=blocked is where the real action is.
upvoted
0
times
...
...
Delisa
5 months ago
I agree with Ressie, the status Contained seems more likely to be generated by an IPS log with action=pass.
upvoted
0
times
...
Ressie
5 months ago
But the question specifically mentions the status Contained, which makes me think it's A.
upvoted
0
times
...
Denny
5 months ago
I disagree, I believe it's C) An AV log with action=quarantine.
upvoted
0
times
...
Tyisha
5 months ago
Dude, the WebFilter log is the real deal. Dropped connections are where the party's at.
upvoted
0
times
...
Mary
6 months ago
C'mon, everyone knows the AV log is where it's at for some Contained action. Quarantine all the way!
upvoted
0
times
Alfreda
5 months ago
No way, it's definitely the AV log with action=quarantine.
upvoted
0
times
...
Pearly
5 months ago
I think it's actually the IPS log with action=pass.
upvoted
0
times
...
...
Ressie
6 months ago
I think the answer is A) An IPS log with action=pass.
upvoted
0
times
...
Log in to Pass4Success
×
Sign in:
Forgot my password
Log in
Report Comment
×
Is the comment made by
USERNAME
spam or abusive?
Commenting
×
In order to participate in the comments you need to be logged-in.
You can
sign-up
or
login
Save
Cancel
az-700
pass4success
az-104
200-301
200-201
cissp
350-401
350-201
350-501
350-601
350-801
350-901
az-720
az-305
pl-300
Felicidad
5 months agoAleisha
3 months agoRolande
3 months agoZachary
4 months agoDulce
4 months agoAnnette
4 months agoLachelle
4 months agoWillodean
4 months agoRebecka
4 months agoGeraldine
4 months agoKanisha
4 months agoViola
5 months agoNorah
4 months agoLenita
4 months agoDelisa
5 months agoRessie
5 months agoDenny
5 months agoTyisha
5 months agoMary
6 months agoAlfreda
5 months agoPearly
5 months agoRessie
6 months ago