Unhandled: If the event is risk is not mitigated or contained, so it is considered open. In this case, the action = pass will have the event status Unhandled.
FAZ Analyst 7.2 Study Guide page 111
B) FortiAnalyzer_7.0_Study_Guide-Online.pdf page 206: Mitigated: The security risk is mitigated by being blocked or dropped. For example, an IPS/AV log with action=block/drop will have the event status Mitigated.
Answer is B.
Events in FortiAnalyzer will be in one of four statuses. The current status will determine if more actions need to be taken by the security team or not.
The possible statuses are:
Unhandled: The security event risk is not mitigated or contained, so it is considered open.
Contained: The risk source is isolated.
Mitigated: The security risk is mitigated by being blocked or dropped.
(Blank): Other scenarios.
FortiAnalyzer_7.0_Study_Guide-Online pag. 206
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
PiotrSwi
10 months, 1 week agoMaxTalin
11 months agoomega_raid
1 year, 1 month agochyeahhh
1 year, 5 months agomyrmidon3
10 months, 3 weeks agoReque1
1 year, 4 months agockl55995
1 year, 9 months agonerostart
1 year, 11 months agonerostart
1 year, 11 months agolucient
1 year, 11 months agoZakySama
1 year, 12 months agodvalsa
2 years agoKhs01
2 years agomorzart2025
2 years ago