What is the purpose of the Threat Hunting feature?
Answer : D
Refer to the exhibit.
Based on the FortiEDR status output shown in the exhibit, which two statements about the FortiEDR collector are true? (Choose two.)
Answer : CD
Which two statements about the FortiEDR solution are true? (Choose two.)
Answer : CD
Which two types of remote authentication does the FortiEDR management console support? (Choose two.)
Answer : AD
Refer to the exhibit.
Based on the Postman output shown in the exhibit, why is the user getting an unauthorized error?
Answer : B
Refer to the exhibit.
Based on the threat hunting event details shown in the exhibit, which two statements about the event are true? (Choose two.)
Answer : AC
Refer to the exhibit.
Based on the event exception shown in the exhibit, which two statements about the exception are true? (Choose two.)
Answer : BC
The FortiEDR core classified an event as inconclusive, but a few seconds later FCS revised the classification to malicious.
What playbook actions are applied to the event?
Answer : D
FortiXDR relies on which feature as part of its automated extended response?
Answer : C
Refer to the exhibits.
The exhibits show application policy logs and application details. Collector C8092231196 is a member of the Finance group.
What must an administrator do to block the FileZilla application?
Answer : A
Which two statements are true about the remediation function in the threat hunting module? (Choose two.)
Answer : BD
An administrator needs to restrict access to the ADMINISTRATION tab in the central manager for a specific account.
What role should the administrator assign to this account?
Answer : C
An administrator finds free third-party software on a user’s computer that does not appear in the application list in the communication control console.
Which two statements are true about this situation? (Choose two.)
Answer : CD
Refer to the exhibits.
The exhibits show the collector state and active connections. The collector is unable to connect to aggregator IP address 10.160.6.100 using the default port.
Based on the netstat command output, what must you do to resolve the connectivity issue?
Answer : D
Refer to the exhibit.
Based on the threat hunting query shown in the exhibit, which of the following is true?
Answer : D