FCP – FortiClient Administrator 7.4 — Question 4

Which two statements apply to FortiClient forensics analysis? (Choose two.)

Answer options

• A. FortiClient sends an alert notification when malicious activity is triggered.
• B. The administrator must request analysis for the desired endpoint.
• C. The endpoint is quarantined until forensics is completed.
• D. Forensics analysis features must be enabled in the system settings profile.

Correct answer: A, D

Explanation

Option A is correct because FortiClient does send alerts when it identifies malicious actions. Option D is also correct as forensics features require activation in the settings. Options B and C are incorrect; the administrator does not need to request analysis for every endpoint and the endpoint is not automatically quarantined during forensics.