
Fortinet NSE5_EDR-5.0: Fortinet NSE 5 - FortiEDR 5.0 Exam Practice Test

Demo: 4 questions
Total 30 questions

Fortinet NSE 5 - FortiEDR 5.0 Exam Questions and Answers

Question 1

Refer to the exhibit.

Based on the threat hunting event details shown in the exhibit, which two statements about the event are true? (Choose two.)

Options:

A. The PING EXE process was blocked

B. The user fortinet has executed a ping command

C. The activity event is associated with the file action

D. There are no MITRE details available for this event

Question 2

Which security policy has all of its rules disabled by default?

Options:

A. Device Control

B. Ransomware Prevention

C. Execution Prevention

D. Exfiltration Prevention

Question 3

Which two statements are true about the remediation function in the threat hunting module? (Choose two.)

Options:

A. The file is removed from the affected collectors

B. The threat hunting module sends the user a notification to delete the file

C. The file is quarantined

D. The threat hunting module deletes files from collectors that are currently online

Question 4

Refer to the exhibits.

The exhibits show the collector state and active connections. The collector is unable to connect to the aggregator at IP address 10.160.6.100 using the default port.

Based on the netstat command output, what must you do to resolve the connectivity issue?

Options:

A. Reinstall collector agent and use port 443

B. Reinstall collector agent and use port 8081

C. Reinstall collector agent and use port 555

D. Reinstall collector agent and use port 6514
