FCP – FortiWeb Administrator 7.4 — Question 26

Which two functions does the first layer of the FortiWeb anomaly machine learning (ML) analysis mechanism perform? (Choose two.)

Answer options

• A. Determines whether an anomaly is a real attack or just a harmless anomaly that should be ignored
• B. Determines a probability model behind every parameter and HTTP method passing through FortiWeb
• C. Determines whether traffic is an anomaly, based on observable features over time
• D. Determines if a detected threat is a false-positive or not

Correct answer: B, C

Explanation

The correct answers are B and C because the first layer focuses on creating a probability model for the parameters and methods while also identifying anomalies based on features over time. Option A is incorrect because it pertains to the classification of anomalies after detection, and option D deals with verifying if a threat is a false positive, which is not a function of the first layer.