Which log type does the FortiAnalyzer indicators of compromise feature use to identify infected hosts?
A. Antivirus logs
B. Web filter logs
C. IPS logs
D. Application control logs
Answer: A
Explanation:
The Indicators of Compromise (IoC) feature on FortiAnalyzer primarily utilizes Antivirus logs to identify infected hosts. Antivirus logs are crucial for this purpose as they contain detailed information about detected threats, including the type of malware, the infected files, and the actions taken by the antivirus software (such as quarantine or deletion). These logs provide the necessary data to analyze and determine if a host has been compromised, helping security administrators quickly respond to and mitigate potential security breaches.