Download Fortinet.NSE5_EDR-5.0.VCEplus.2022-11-15.30q.tqb
| Vendor: | Fortinet |
| Exam Code: | NSE5_EDR-5.0 |
| Exam Name: | Fortinet NSE 5 - FortiEDR 5.0 |
| Date: | Nov 15, 2022 |
| File Size: | 2 MB |
Demo Questions
Question 1
What is the purpose of the Threat Hunting feature?
- Delete any file from any collector in the organization
- Find and delete all instances of a known malicious file or hash in the organization
- Identify all instances of a known malicious file or hash and notify affected users
- Execute playbooks to isolate affected collectors in the organization
Correct answer: C
Question 2
How does FortiEDR implement post-infection protection?
- By preventing data exfiltration or encryption even after a breach occurs
- By using methods used by traditional EDR
- By insurance against ransomware
- By real-time filtering to prevent malware from executing
Correct answer: D
Question 3
Exhibit.
Based on the forensics data shown in the exhibit which two statements are true? (Choose two.)
- The device cannot be remediated
- The event was blocked because the certificate is unsigned
- Device C8092231196 has been isolated
- The execution prevention policy has blocked this event.
Correct answer: BC
