Name: Fortinet NSE 5 - FortiEDR 5.0
Brand: ValidExamDumps
SKU: NSE5_EDR-5.0
Price: 20 USD
Availability: InStock
Rating: 4.8 (400 reviews)

Free Fortinet NSE5_EDR-5.0 Exam Actual Questions

The questions for NSE5_EDR-5.0 were last updated On Dec 18, 2024

Question No. 1

Which two statements are true about the remediation function in the threat hunting module? (Choose two.)

AThe file is removed from the affected collectors

BThe threat hunting module sends the user a notification to delete the file

CThe file is quarantined

DThe threat hunting module deletes files from collectors that are currently online.

Show Answer

Correct Answer: B, C

Question No. 2

Refer to the exhibits.

The exhibits show application policy logs and application details Collector C8092231196 is a member of the Finance group

What must an administrator do to block the FileZilia application?

ADeny application in Finance policy

BAssign Finance policy to DBA group

CAssign Finance policy to Default Collector Group

DAssign Simulation Communication Control Policy to DBA group

Show Answer

Correct Answer: D

Question No. 3

A FortiEDR security event is causing a performance issue with a third-parry application. What must you do first about the event?

AContact Fortinet support

BTerminate the process and uninstall the third-party application

CImmediately create an exception

DInvestigate the event to verify whether or not the application is safe

Show Answer

Correct Answer: C

Question No. 4

Exhibit.

Based on the event shown in the exhibit which two statements about the event are true? (Choose two.)

AThe device is moved to isolation.

BPlaybooks is configured for this event.

CThe event has been blocked

DThe policy is in simulation mode

Show Answer

Correct Answer: B, D

Question No. 5

Which threat hunting profile is the most resource intensive?

AComprehensive

BInventory

CDefault

DStandard Collection

Show Answer

Correct Answer: A