[2023年更新]NSE5_EDR-5.0のPDF問題完璧見込みで練習試験合格させます [Q17-Q39]

Share

[2023年更新]NSE5_EDR-5.0のPDF問題完璧見込みでFast2test練習試験合格させます

Fortinet NSE5_EDR-5.0のPDF問題傑作練習用であなたの試験を合格してみせます

質問 # 17
What is the role of a collector in the communication control policy?

  • A. A collector records applications that communicate externally
  • B. A collector can quarantine unsafe applications from communicating
  • C. A collector blocks unsafe applications from running
  • D. A collector is used to change the reputation score of any application that collector runs

正解:C


質問 # 18
Which FortiEDR component is required to find malicious files on the entire network of an organization?

  • A. FortiEDR Central Manager
  • B. FortiEDR Aggregator
  • C. FortiEDR Core
  • D. FortiEDR Threat Hunting Repository

正解:B


質問 # 19
Refer to the exhibit.

Based on the event exception shown in the exhibit which two statements about the exception are true? (Choose two)

  • A. A partial exception is applied to this event
  • B. The exception is applied only on device C8092231196
  • C. FCS playbooks is enabled by Fortinet support
  • D. The system owner can modify the trigger rules parameters

正解:A、B


質問 # 20
An administrator finds a third party free software on a user's computer mat does not appear in me application list in the communication control console Which two statements are true about this situation? (Choose two)

  • A. The application is ignored as the reputation score is acceptable by the security policy
  • B. The application is allowed in all communication control policies
  • C. The application is blocked by the security policies
  • D. The application has not made any connection attempts

正解:B、C


質問 # 21
Which connectors can you use for the FortiEDR automated incident response? (Choose two.)

  • A. FortiGate
  • B. FortiSandbox
  • C. FortiNAC
  • D. FortiSiem

正解:A、D


質問 # 22
A FortiEDR security event is causing a performance issue with a third-parry application. What must you do first about the event?

  • A. Investigate the event to verify whether or not the application is safe
  • B. Terminate the process and uninstall the third-party application
  • C. Contact Fortinet support
  • D. Immediately create an exception

正解:D


質問 # 23
What is the purpose of the Threat Hunting feature?

  • A. Identify all instances of a known malicious file or hash and notify affected users
  • B. Execute playbooks to isolate affected collectors in the organization
  • C. Delete any file from any collector in the organization
  • D. Find and delete all instances ofa known malicious file or hash inthe organization

正解:A


質問 # 24
How does FortiEDR implement post-infection protection?

  • A. By using methods used by traditional EDR
  • B. By preventing data exfiltration or encryption even after a breach occurs
  • C. By insurance against ransomware
  • D. By real-time filtering to prevent malware from executing

正解:D


質問 # 25
Exhibit.

Based on the forensics data shown in the exhibit, which two statements are true? (Choose two.)

  • A. The exfiltration prevention policy has blocked this event
  • B. The forensics data is displayed m the stacks view
  • C. An exception has been created for this event
  • D. The device has been isolated

正解:A、D


質問 # 26
Refer to the exhibit.

Based on the event shown in the exhibit, which two statements about the event are true? (Choose two.)

  • A. The NGAV policy has blocked TestApplication exe
  • B. TestApplication exe is sophisticated malware
  • C. FCS classified the event as malicious
  • D. The user was able to launch TestApplication exe

正解:A、B


質問 # 27
What is the benefit of using file hash along with the file name in a threat hunting repository search?

  • A. It helps to make sure the hash is really a malware
  • B. It helps to find if some instances of the hash are actually associated with a different file
  • C. It helps to check the malware even if the malware variant uses a different file name
  • D. It helps locate a file as threat hunting only allows hash search

正解:B


質問 # 28
What is true about classifications assigned by Fortinet Cloud Sen/ice (FCS)?

  • A. The core only assigns a classification if FCS is not available
  • B. FCS revises the classification of the core based on its database
  • C. FCS is responsible for all classifications
  • D. The core is responsible for all classifications if FCS playbooks are disabled

正解:B


質問 # 29
......

オンライン問題傑作練習用であなたの試験を合格してみせます:https://jp.fast2test.com/NSE5_EDR-5.0-premium-file.html

練習できるNSE5_EDR-5.0にはFast2test明確な練習であなたをFortinet NSE 5 - FortiEDR 5.0試験合格させます:https://drive.google.com/open?id=1Qfz3L0vSP8vwQvzbJLH3dKEFcLP8_aUI


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어