Fortinet Exam FCP_FCT_AD-7.2 Topic 3 Question 12 Discussion

Actual exam question for Fortinet's FCP_FCT_AD-7.2 exam

Question #: 12
Topic #: 3

Refer to the exhibit.

Based on the settings shown in the exhibit what action will FortiClient take when it detects that a user is trying to download an infected file?

ABlocks the infected files as it is downloading

BQuarantines the infected files and logs all access attempts

CSends the infected file to FortiGuard for analysis

DAllows the infected file to download without scan

Show Suggested Answer

Suggested Answer: A

Based on the FortiClient logs shown in the exhibit:

The first log entry shows the application 'firefox.exe' trying to access a destination IP, with the threat identified as 'Twitter.'

The action taken by the application firewall is 'blocked' with the event type 'appfirewall.'

This indicates that the application firewall has blocked access to Twitter.

Reference

FortiClient EMS 7.2 Study Guide, Application Firewall Logs Section

Fortinet Documentation on Interpreting FortiClient Logs

by Jacinta at Aug 23, 2024, 11:14 AM

Limited Time Offer

25%

Off

Contribute your Thoughts:

Submit Cancel

3 days ago

Wow, this question is really testing my FortiClient knowledge! I better not download any infected files, that's for sure.

upvoted 0 times

...

12 days ago

I'm not sure, but I think C) Sends the infected file to FortiGuard for analysis could also be a good option to prevent future infections.

upvoted 0 times

...

13 days ago

I agree with Delisa, because quarantining the infected files will prevent further harm.

upvoted 0 times

...

14 days ago

I think the answer is B) Quarantines the infected files and logs all access attempts.

upvoted 0 times

...