NSE5_EDR-5.0 Online Practice Questions and Answers
Which FortiEDR component is required to find malicious files on the entire network of an organization?
A. FortiEDR Aggregator
B. FortiEDR Central Manager
C. FortiEDR Threat Hunting Repository
D. FortiEDR Core
Which threat hunting profile is the most resource intensive?
A. Comprehensive
B. Inventory
C. Default
D. Standard Collection
A company requires a global communication policy for a FortiEDR multi-tenant environment.
How can the administrator achieve this?
A. An administrator creates a new communication control policy and shares it with other organizations
B. A local administrator creates new a communication control policy and shares it with other organizations
C. A local administrator creates a new communication control policy and assigns it globally to all organizations
D. An administrator creates a new communication control policy for each organization
A FortiEDR security event is causing a performance issue with a third-parry application. What must you do first about the event?
A. Contact Fortinet support
B. Terminate the process and uninstall the third-party application
C. Immediately create an exception
D. Investigate the event to verify whether or not the application is safe
Refer to the exhibit.
Based on the FortiEDR status output shown in the exhibit, which two statements about the FortiEDR collector are true? (Choose two.)
A. The collector device has windows firewall enabled
B. The collector has been installed with an incorrect port number
C. The collector has been installed with an incorrect registration password
D. The collector device cannot reach the central manager
Which two statements about the FortiEDR solution are true? (Choose two.)
A. It provides pre-infection and post-infection protection
B. It is Windows OS only
C. It provides central management
D. It provides pant-to-point protection
Refer to the exhibits.
The exhibits show application policy logs and application details Collector C8092231196 is a member of the Finance group What must an administrator do to block the FileZilia application?
A. Deny application in Finance policy
B. Assign Finance policy to DBA group
C. Assign Finance policy to Default Collector Group
D. Assign Simulation Communication Control Policy to DBA group
An administrator finds that a newly installed collector does not display on the INVENTORY tab in the central manager.
What two troubleshooting steps must the administrator perform? (Choose two.)
A. Export the collector logs from the central manager.
B. Verify the central manager has connectivity to FCS.
C. Verify TCP ports 8081 and 555 are open.
D. Check if the FortiEDR services are running on the collector device.
Why select/choose certbus.com?
Millions of interested professionals can touch the destination of success in exams by certbus.com. products which would be available, affordable, updated and of really best quality to overcome the difficulties of any course outlines. Questions and Answers material is updated in highly outclass manner on regular basis and material is released periodically and is available in testing centers with whom we are maintaining our relationship to get latest material.
Copyright © 2004-2025 certbus.com, All Rights Reserved.