Question 6 of 44

Which security policy has all of its rules disabled by default?
Answer

Suggested Answer

The suggested answer is C.

The security policy that has all of its rules disabled by default is Device Control. This policy typically includes rules regarding the use and management of external devices like USB drives, and these rules are not enabled by default to allow users flexibility in configuring the controls as needed.

Community Votes: 10 votes
C (Suggested): 100%

Question 7 of 44

Based on the event shown in the exhibit, which two statements about the event are true? (Choose two.)
[Exhibit: Exam NSE5_EDR-5.0, Question 7, Image 1]
Answer

Suggested Answer

The suggested answer is A, D.

The event is related to Training-eXtended Detection, which operates in simulation mode, and the playbooks are configured for this event, indicated by the device being moved automatically between collector groups.

Community Votes: 7 votes
AD (Suggested): 86%
BD: 14%

Question 8 of 44

Which connectors can you use for the FortiEDR automated incident response? (Choose two.)
Answer

Suggested Answer

The suggested answer is C, D.

The correct connectors for FortiEDR automated incident response are FortiNAC and FortiGate. FortiNAC offers network access control, essential for isolating and controlling endpoints during incident response. FortiGate, a next-generation firewall, provides advanced security measures, traffic control, and threat management, which are crucial for handling security incidents automatically. These integrations enhance FortiEDR’s capabilities for effective incident management.

Community Votes: 4 votes
CD (Suggested): 100%

Question 9 of 44

Which FortiEDR component is required to find malicious files on the entire network of an organization?
Answer

Suggested Answer

The suggested answer is B.

The FortiEDR Threat Hunting Repository is the component specifically designed to find and delete known malware on any device within the system. It is tailored for the purpose of identifying and eliminating malicious files across the entire network, hence making it the appropriate choice for this function.

Community Votes: 2 votes
B (Suggested): 100%

Question 10 of 44

Which threat hunting profile is the most resource intensive?
Answer

Suggested Answer

The suggested answer is B.

The Comprehensive threat hunting profile is the most resource-intensive because it involves collecting almost all data from endpoints. This extensive data collection process requires more resources compared to other profiles, making it the most demanding in terms of resource utilization.

Community Votes: 2 votes
B (Suggested): 100%