What are the two major types of intelligence that determine the verdict for a compromised host?

Study for the Fortinet FortiAnalyzer 6.4 Test. Use interactive flashcards and multiple choice questions with detailed explanations. Be exam-ready!

The correct answer is blacklists and suspicious lists, the two major types of intelligence used to evaluate a compromised host. Blacklists contain known malicious entities (such as IP addresses, URLs, or domains) recognized for their involvement in harmful activities, and are a key reference point for identifying threats. Suspicious lists, on the other hand, are developed based on behavior and indicators that may not yet be classified as malicious but warrant further scrutiny. By using both lists in conjunction, security teams can assess the security posture of a host and determine whether it has been compromised based on confirmed or suspected malicious activity.

The other options do not capture the specific intelligence types needed to determine the status of a compromised host. Offensive and defensive intelligence involve broader strategic measures for cybersecurity, and historical and real-time intelligence provide context for understanding threats over time versus current threats, but neither pair answers the question about assessing individual compromised hosts with the same precision as blacklists and suspicious lists. IP and URL analysis is more of a method for scrutinizing specific data points than a type of intelligence for making overall verdicts on compromised hosts.
