FCP – FortiAnalyzer Analyst 7.6 — Question 12

Which two actions should you take to view compromised hosts on FortiAnalyzer? (Choose two.)

Answer options

• A. Enable device detection on FortiGate devices that are sending logs to FortiAnalyzer.
• B. Enable web filtering in firewall policies on FortiGate devices, and make sure the FortiGate logs are sent to FortiAnalyzer.
• C. Subscribe FortiAnalyzer to FortiGuard to keep its local threat database up to date.
• D. Subscribe to the Outbreak Detection Service so that the FortiAnalyzer has the latest event handlers.

Correct answer: B, C

Explanation

The correct answer includes B and C because enabling web filtering on FortiGate and ensuring logs are sent to FortiAnalyzer allows for effective monitoring of compromised hosts, while keeping the threat database updated is crucial for accurate threat detection. Options A and D, while useful for other purposes, do not directly relate to viewing compromised hosts on FortiAnalyzer.