Fortinet NSE5_EDR-5.0 - Fortinet NSE 5 - FortiEDR 5.0 Exam
Total 44 questions
Question #6 (Topic: Exam A)
Which security policy has all of its rules disabled by default?
A. Exfiltration Prevention
B. Execution Prevention
C. Device Control
D. Ransomware Prevention
Answer: D
Question #7 (Topic: Exam A)
Based on the event shown in the exhibit, which two statements about the event are true? (Choose two.)

A. The policy is in simulation mode.
B. The device is moved to isolation.
C. The event has been blocked.
D. Playbooks are configured for this event.
Answer: AD
Question #8 (Topic: Exam A)
Which connectors can you use for the FortiEDR automated incident response? (Choose two.)
A. FortiSandbox
B. FortiSIEM
C. FortiNAC
D. FortiGate
Answer: AB
Question #9 (Topic: Exam A)
Which FortiEDR component is required to find malicious files on the entire network of an organization?
A. FortiEDR Aggregator
B. FortiEDR Threat Hunting Repository
C. FortiEDR Central Manager
D. FortiEDR Core
Answer: C
Question #10 (Topic: Exam A)
Which threat hunting profile is the most resource intensive?
A. Inventory
B. Comprehensive
C. Standard Collection
D. Default
Answer: B