Fortinet NSE 5 – FortiEDR 5.0 NSE5_EDR-5.0 Dumps

The latest Fortinet NSE 5 – FortiEDR 5.0 NSE5_EDR-5.0 Dumps are newly cracked and are very helpful for your test preparation. Passcert Fortinet NSE 5 – FortiEDR 5.0 NSE5_EDR-5.0 Dumps contain real questions and answers that will help you understand all the topics of the exam comprehensively. They use professional knowledge and experience to provide Fortinet NSE 5 – FortiEDR 5.0 NSE5_EDR-5.0 Dumps for people preparing to take the Fortinet NSE5_EDR-5.0 exam. The accuracy rate of the Fortinet NSE 5 – FortiEDR 5.0 NSE5_EDR-5.0 Dumps provided by Passcert is very high, and they can 100% guarantee that you pass the NSE5_EDR-5.0 Fortinet NSE 5 – FortiEDR 5.0 exam on the first attempt.

Fortinet NSE 5 – FortiEDR 5.0

The Fortinet NSE 5 – FortiEDR 5.0 exam is part of the NSE5 Network Security Analyst program, and recognizes the successful candidate's knowledge of and expertise with the FortiEDR solution. The exam tests the candidate's applied knowledge of FortiEDR configuration, operation, and day-to-day administration, and includes operational scenarios, configuration extracts, and troubleshooting captures.
The Fortinet NSE 5 – FortiEDR 5.0 exam is intended for network and security professionals responsible for the configuration and administration of endpoint security solutions in an enterprise network security infrastructure.

Exam Details

Exam name: Fortinet NSE 5 – FortiEDR 5.0
Exam series: NSE5_EDR-5.0
Time allowed: 60 minutes
Exam questions: 30 multiple-choice questions
Scoring: Pass or fail. A score report is available from your Pearson VUE account.
Language: English
Product version: FortiEDR 5.0

Exam Topics

Successful candidates have applied knowledge and skills in the following areas and tasks:

FortiEDR system

Explain FortiEDR architecture and technical positioning
Perform installation process
Perform FortiEDR inventory and use system tools
Deploy FortiEDR multi-tenancy
Use API to carry out FortiEDR management functions

FortiEDR security settings and policies

Configure communication control policy
Configure security policies
Configure playbooks
Explain Fortinet Cloud Service (FCS)

Events, forensics, and threat hunting

Analyze security events and alerts
Configure threat hunting profiles and scheduled queries
Analyze threat hunting data
Investigate security events using forensics analysis

FortiEDR integration

Deploy FortiXDR
Configure security fabric using FortiEDR

FortiEDR troubleshooting

Perform FortiEDR troubleshooting
Perform alert analysis on FortiEDR security events and logs

Share Fortinet NSE 5 – FortiEDR 5.0 Sample Questions

1. Which two statements about the FortiEDR solution are true? (Choose two.)
A. It provides pre-infection and post-infection protection
B. It is Windows OS only
C. It provides central management
D. It provides point-to-point protection
Answer: A, D
2. Which security policy has all of its rules disabled by default?
A. Device Control
B. Ransomware Prevention
C. Execution Prevention
D. Exfiltration Prevention
Answer: B
3. Which FortiEDR component is required to find malicious files on the entire network of an organization?
A. FortiEDR Aggregator
B. FortiEDR Central Manager
C. FortiEDR Threat Hunting Repository
D. FortiEDR Core
Answer: A
4. Which scripting language is supported by the FortiEDR action manager?
A. TCL
B. Python
C. Perl
D. Bash
Answer: A
5. A FortiEDR security event is causing a performance issue with a third-party application. What must you do first about the event?
A. Contact Fortinet support
B. Terminate the process and uninstall the third-party application
C. Immediately create an exception
D. Investigate the event to verify whether or not the application is safe
Answer: C
6. Which connectors can you use for the FortiEDR automated incident response? (Choose two.)
A. FortiNAC
B. FortiGate
C. FortiSIEM
D. FortiSandbox
Answer: B, C
7. An administrator finds third-party free software on a user's computer that does not appear in the application list in the communication control console.
Which two statements are true about this situation? (Choose two.)
A. The application is allowed in all communication control policies
B. The application is ignored as the reputation score is acceptable by the security policy
C. The application has not made any connection attempts
D. The application is blocked by the security policies
Answer: A, D
8. What is the purpose of the Threat Hunting feature?
A. Delete any file from any collector in the organization
B. Find and delete all instances of a known malicious file or hash in the organization
C. Identify all instances of a known malicious file or hash and notify affected users
D. Execute playbooks to isolate affected collectors in the organization
Answer: C
9. The FortiEDR Core classified an event as inconclusive, but a few seconds later FCS revised the classification to malicious. What playbook actions are applied to the event?
A. Playbook actions applied to inconclusive events
B. Playbook actions applied to handled events
C. Playbook actions applied to suspicious events
D. Playbook actions applied to malicious events
Answer: D
10. A company requires a global communication policy for a FortiEDR multi-tenant environment.
How can the administrator achieve this?
A. An administrator creates a new communication control policy and shares it with other organizations
B. A local administrator creates a new communication control policy and shares it with other organizations
C. A local administrator creates a new communication control policy and assigns it globally to all organizations
D. An administrator creates a new communication control policy for each organization
Answer: C