
Fortinet NSE5_EDR-5.0 - Fortinet NSE 5 - FortiEDR 5.0 Exam

Total 30 questions

What is true about classifications assigned by Fortinet Cloud Service (FCS)?

A. The core is responsible for all classifications if FCS playbooks are disabled

B. The core only assigns a classification if FCS is not available

C. FCS revises the classification of the core based on its database

D. FCS is responsible for all classifications

The FortiEDR core classified an event as inconclusive, but a few seconds later FCS revised the classification to malicious. What playbook actions are applied to the event?

A. Playbook actions applied to inconclusive events

B. Playbook actions applied to handled events

C. Playbook actions applied to suspicious events

D. Playbook actions applied to malicious events

FortiXDR relies on which feature as part of its automated extended response?

A. Playbooks

B. Security Policies

C. Forensic

D. Communication Control

How does FortiEDR implement post-infection protection?

A. By preventing data exfiltration or encryption even after a breach occurs

B. By using methods used by traditional EDR

C. By insurance against ransomware

D. By real-time filtering to prevent malware from executing

A FortiEDR security event is causing a performance issue with a third-party application. What must you do first about the event?

A. Contact Fortinet support

B. Terminate the process and uninstall the third-party application

C. Immediately create an exception

D. Investigate the event to verify whether or not the application is safe

What is the role of a collector in the communication control policy?

A. A collector blocks unsafe applications from running

B. A collector is used to change the reputation score of any application that collector runs

C. A collector records applications that communicate externally

D. A collector can quarantine unsafe applications from communicating

Which two statements about the FortiEDR solution are true? (Choose two.)

A. It provides pre-infection and post-infection protection

B. It is Windows OS only

C. It provides central management

D. It provides point-to-point protection

Which connectors can you use for the FortiEDR automated incident response? (Choose two.)

A. FortiNAC

B. FortiGate

C. FortiSIEM

D. FortiSandbox

Which FortiEDR component is required to find malicious files on the entire network of an organization?

A. FortiEDR Aggregator

B. FortiEDR Central Manager

C. FortiEDR Threat Hunting Repository

D. FortiEDR Core