[March 2023] Updated NSE5_EDR-5.0 Exam Question Set, NSE5_EDR-5.0 Practice Test Questions
Verified NSE5_EDR-5.0 Question Set PDF Material [2023]
Fortinet NSE5_EDR-5.0 certification exam topics:
Topic | Exam scope |
---|---|
Topic 1 | |
Topic 2 | |
Topic 3 | |
Topic 4 | |
Topic 5 | |
Topic 6 | |
Topic 7 | |
Topic 8 | |
Question 12
Which security policy has all of its rules disabled by default?
- A. Exfiltration Prevention
- B. Execution Prevention
- C. Ransomware Prevention
- D. Device Control
Correct answer: C
Question 13
Exhibit.
Based on the event shown in the exhibit, which two statements about the event are true? (Choose two.)
- A. The device is moved to isolation.
- B. The event has been blocked.
- C. The policy is in simulation mode
- D. Playbooks is configured for this event.
Correct answer: C,D
Question 14
An administrator finds third-party free software on a user's computer that does not appear in the application list in the communication control console. Which two statements are true about this situation? (Choose two.)
- A. The application is allowed in all communication control policies
- B. The application is ignored as the reputation score is acceptable by the security policy
- C. The application is blocked by the security policies
- D. The application has not made any connection attempts
Correct answer: A,C
Question 15
FortiXDR relies on which feature as part of its automated extended response?
- A. Security Policies
- B. Communication Control
- C. Playbooks
- D. Forensic
Correct answer: A
Question 16
Which two statements about the FortiEDR solution are true? (Choose two.)
- A. It is Windows OS only
- B. It provides pre-infection and post-infection protection
- C. It provides central management
- D. It provides point-to-point protection
Correct answer: B,D
Question 17
How does FortiEDR implement post-infection protection?
- A. By using methods used by traditional EDR
- B. By insurance against ransomware
- C. By real-time filtering to prevent malware from executing
- D. By preventing data exfiltration or encryption even after a breach occurs
Correct answer: C
Question 18
Refer to the exhibit.
Based on the threat hunting query shown in the exhibit, which of the following is true?
- A. This query is included in other organizations
- B. The query will only check for network category
- C. RDP connections will be blocked and classified as suspicious
- D. A security event will be triggered when the device attempts an RDP connection
Correct answer: D
Question 19
Exhibit.
Based on the forensics data shown in the exhibit, which two statements are true? (Choose two.)
- A. The execution prevention policy has blocked this event.
- B. The device cannot be remediated
- C. The event was blocked because the certificate is unsigned
- D. Device C8092231196 has been isolated
Correct answer: C,D
Question 20
Refer to the exhibit.
Based on the threat hunting event details shown in the exhibit, which two statements about the event are true? (Choose two.)
- A. The activity event is associated with the file action
- B. There are no MITRE details available for this event
- C. The PING EXE process was blocked
- D. The user fortinet has executed a ping command
Correct answer: B,C
Question 21
Which connectors can you use for the FortiEDR automated incident response? (Choose two.)
- A. FortiNAC
- B. FortiSandbox
- C. FortiGate
- D. FortiSIEM
Correct answer: C,D
Question 22
Which FortiEDR component is required to find malicious files on the entire network of an organization?
- A. FortiEDR Core
- B. FortiEDR Threat Hunting Repository
- C. FortiEDR Central Manager
- D. FortiEDR Aggregator
Correct answer: D
Question 23
Refer to the exhibit.
Based on the FortiEDR status output shown in the exhibit, which two statements about the FortiEDR collector are true? (Choose two.)
- A. The collector has been installed with an incorrect port number
- B. The collector device cannot reach the central manager
- C. The collector device has Windows Firewall enabled
- D. The collector has been installed with an incorrect registration password
Correct answer: A,B
Question 24
......
The latest NSE5_EDR-5.0 real exam questions are available free, with 30 updated questions: https://www.jpntest.com/shiken/NSE5_EDR-5.0-mondaishu