NSE 5 – FortiAnalyzer 6.2 — Question 24
Which log type does the FortiAnalyzer indicators of compromise feature use to identify infected hosts?
Answer options
- A. Antivirus logs
- B. Web filter logs
- C. IPS logs
- D. Application control logs
Correct answer: B
Explanation
The correct answer is B. Web filter logs provide essential data about web traffic and potential malicious activity, which is crucial for identifying infected hosts. The other log types, such as antivirus logs and IPS logs, focus on different aspects of security and do not target web-based threats as effectively as web filter logs do.