Unhandled: If the event is risk is not mitigated or contained, so it is considered open. In this case, the action = pass will have the event status Unhandled.
FAZ Analyst 7.2 Study Guide page 111
B) FortiAnalyzer_7.0_Study_Guide-Online.pdf page 206: Mitigated: The security risk is mitigated by being blocked or dropped. For example, an IPS/AV log with action=block/drop will have the event status Mitigated.
Answer is B.
Events in FortiAnalyzer will be in one of four statuses. The current status will determine if more actions need to be taken by the security team or not.
The possible statuses are:
Unhandled: The security event risk is not mitigated or contained, so it is considered open.
Contained: The risk source is isolated.
Mitigated: The security risk is mitigated by being blocked or dropped.
(Blank): Other scenarios.
FortiAnalyzer_7.0_Study_Guide-Online pag. 206
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
PiotrSwi
1 year agoMaxTalin
1 year, 1 month agoomega_raid
1 year, 3 months agochyeahhh
1 year, 8 months agomyrmidon3
1 year, 1 month agoReque1
1 year, 6 months agockl55995
1 year, 11 months agonerostart
2 years, 1 month agonerostart
2 years, 1 month agolucient
2 years, 1 month agoZakySama
2 years, 2 months agodvalsa
2 years, 2 months agoKhs01
2 years, 2 months agomorzart2025
2 years, 2 months ago