Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Fortinet Exam NSE5_FAZ-7.2 Topic 3 Question 12 Discussion

Actual exam question for Fortinet's NSE5_FAZ-7.2 exam
Question #: 12
Topic #: 3
[All NSE5_FAZ-7.2 Questions]

Which log will generate an event with the status Contained?

Show Suggested Answer Hide Answer
Suggested Answer: C

by Alishia at Jan 27, 2024, 01:05 AM

Limited Time Offer

25%

Off

Get Premium NSE5_FAZ-7.2 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Leigha
8 days ago
Yeah, I agree. I'm going to go with B) WebFilter log with action=dropped. It just feels more intuitive to me that a 'Contained' event would be associated with a dropped action, rather than a quarantine.
upvoted 0 times
...
Carmen
9 days ago
You know, I was thinking the same thing. The WebFilter log with action=dropped could also be a valid answer. This exam is really trying to trip us up with these subtle differences.
upvoted 0 times
...
Lucy
10 days ago
I'm not so sure about that. Wouldn't a WebFilter log with action=dropped also generate a 'Contained' event? The question doesn't specify the type of log, just that it should generate a 'Contained' event.
upvoted 0 times
...
Leota
11 days ago
Hmm, this is a tricky one. I think the answer is C) An AV log with action=quarantine. That would generate a 'Contained' event, right? The other options don't seem to fit the description.
upvoted 0 times
...

Save Cancel