What is the disadvantage of automatic remediation?

What is the disadvantage of automatic remediation?
A . It can make a disruptive change to a user, block access to an application, or disconnect critical systems from the network.
B. It is equivalent to running an IPS in monitor-only mode ― watches but does not block.
C. External threats or attacks detected by FortiSIEM will need user interaction to take action on an already overworked SOC team.
D. Threat behaviors occurring during the night could take hours to respond to.

Answer: A

Explanation:

The disadvantage of automatic remediation is that it can make a disruptive change to a user, block access to an application, or disconnect critical systems from the network. Automatic remediation can have unintended consequences if not carefully planned and tested. Therefore, it is recommended to use manual or semi-automatic remediation for sensitive or critical systems.

Reference: Fortinet NSE 7 – Advanced Analytics 6.3 Exam Description, page 15

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments