NSE5_EDR-5.0 Online Practice Questions and Answers

Questions 4

Which FortiEDR component is required to find malicious files on the entire network of an organization?

A. FortiEDR Aggregator

B. FortiEDR Central Manager

C. FortiEDR Threat Hunting Repository

D. FortiEDR Core

Questions 5

Which threat hunting profile is the most resource intensive?

A. Comprehensive

B. Inventory

C. Default

D. Standard Collection

Questions 6

A company requires a global communication policy for a FortiEDR multi-tenant environment.

How can the administrator achieve this?

A. An administrator creates a new communication control policy and shares it with other organizations

B. A local administrator creates a new communication control policy and shares it with other organizations

C. A local administrator creates a new communication control policy and assigns it globally to all organizations

D. An administrator creates a new communication control policy for each organization

Questions 7

A FortiEDR security event is causing a performance issue with a third-party application. What must you do first about the event?

A. Contact Fortinet support

B. Terminate the process and uninstall the third-party application

C. Immediately create an exception

D. Investigate the event to verify whether or not the application is safe

Questions 8

Refer to the exhibit.

Based on the FortiEDR status output shown in the exhibit, which two statements about the FortiEDR collector are true? (Choose two.)

A. The collector device has Windows Firewall enabled

B. The collector has been installed with an incorrect port number

C. The collector has been installed with an incorrect registration password

D. The collector device cannot reach the central manager

Questions 9

Which two statements about the FortiEDR solution are true? (Choose two.)

A. It provides pre-infection and post-infection protection

B. It is Windows OS only

C. It provides central management

D. It provides point-to-point protection

Questions 10

Refer to the exhibits.

The exhibits show application policy logs and application details. Collector C8092231196 is a member of the Finance group. What must an administrator do to block the FileZilla application?

A. Deny application in Finance policy

B. Assign Finance policy to DBA group

C. Assign Finance policy to Default Collector Group

D. Assign Simulation Communication Control Policy to DBA group

Questions 11

An administrator finds that a newly installed collector does not display on the INVENTORY tab in the central manager.

What two troubleshooting steps must the administrator perform? (Choose two.)

A. Export the collector logs from the central manager.

B. Verify the central manager has connectivity to FCS.

C. Verify TCP ports 8081 and 555 are open.

D. Check if the FortiEDR services are running on the collector device.

Exam Code: NSE5_EDR-5.0
Exam Name: Fortinet NSE 5 - FortiEDR 5.0
Last Update: Mar 17, 2025
Questions: 41 Q&As
