• ホーム
  • ブログ
  • 有効なNSE 5 Network Security Analyst NSE5_EDR-5.0問題集はあなたの合格を必ず保証します [Q17-Q33]

有効なNSE 5 Network Security Analyst NSE5_EDR-5.0問題集はあなたの合格を必ず保証します [Q17-Q33]

Share

有効なNSE 5 Network Security Analyst NSE5_EDR-5.0問題集はあなたの合格を必ず保証します

NSE5_EDR-5.0問題集でリアル試験問題でテストエンジン問題集でトレーニング


Fortinet NSE5_EDR-5.0 認定試験の出題範囲:

トピック出題範囲
トピック 1
  • Configure threat hunting profiles and scheduled queries
  • Perform FortiEDR inventory and use system tools
トピック 2
  • Events, forensics, and threat hunting
  • Analyze security events and alerts
トピック 3
  • Analyze threat hunting data
  • FortiEDR troubleshooting, Configure playbooks, Deploy FortiXDR
トピック 4
  • Configure security fabric using FortiEDR
  • Perform FortiEDR troubleshooting
トピック 5
  • Use API to carry out FortiEDR management functions
  • FortiEDR security settings and policies
トピック 6
  • Configure security policies
  • Perform installation process

 

質問 # 17
Refer to the exhibit.

Based on the event shown in the exhibit, which two statements about the event are true? (Choose two.)

  • A. The NGAV policy has blocked TestApplication exe
  • B. TestApplication exe is sophisticated malware
  • C. FCS classified the event as malicious
  • D. The user was able to launch TestApplication exe

正解:A、B


質問 # 18
Which connectors can you use for the FortiEDR automated incident response? (Choose two.)

  • A. FortiGate
  • B. FortiSandbox
  • C. FortiNAC
  • D. FortiSiem

正解:A、D


質問 # 19
Which two statements about the FortiEDR solution are true? (Choose two.)

  • A. It provides pre-infection and post-infection protection
  • B. It provides pant-to-point protection
  • C. It provides central management
  • D. It is Windows OS only

正解:A、B


質問 # 20
Which two statements are true about the remediation function in the threat hunting module? (Choose two.)

  • A. The threat hunting module sends the user a notification to delete the file
  • B. The file is quarantined
  • C. The file is removed from the affected collectors
  • D. The threat hunting module deletes files from collectors that are currently online.

正解:A、B


質問 # 21
Exhibit.

Based on the forensics data shown in the exhibit which two statements are true? (Choose two.)

  • A. Device C8092231196 has been isolated
  • B. The event was blocked because the certificate is unsigned
  • C. The device cannot be remediated
  • D. The execution prevention policy has blocked this event.

正解:A、B


質問 # 22
What is the purpose of the Threat Hunting feature?

  • A. Identify all instances of a known malicious file or hash and notify affected users
  • B. Execute playbooks to isolate affected collectors in the organization
  • C. Delete any file from any collector in the organization
  • D. Find and delete all instances ofa known malicious file or hash inthe organization

正解:A


質問 # 23
Exhibit.

Based on the event shown in the exhibit which two statements about the event are true? (Choose two.)

  • A. The policy is in simulation mode
  • B. Playbooks is configured for this event.
  • C. The event has been blocked
  • D. The device is moved to isolation.

正解:A、B


質問 # 24
Refer to the exhibit.

Based on the FortiEDR status output shown in the exhibit, which two statements about the FortiEDR collector are true? (Choose two.)

  • A. The collector has been installed with an incorrect port number
  • B. The collector device cannot reach the central manager
  • C. The collector device has windows firewall enabled
  • D. The collector has been installed with an incorrect registration password

正解:A、B


質問 # 25
Refer to the exhibits.


The exhibits show the collector state and active connections. The collector is unable to connect to aggregator IP address 10.160.6.100 using default port.
Based on the netstat command output what must you do to resolve the connectivity issue?

  • A. Reinstall collector agent and use port 6514
  • B. Reinstall collector agent and use port 443
  • C. Reinstall collector agent and use port 8081
  • D. Reinstall collector agent and use port 555

正解:C


質問 # 26
An administrator needs to restrict access to the ADMINISTRATION tab inthe central manager for a specific account.
What role should the administrator assign to this account?

  • A. User
  • B. REST API
  • C. Local Admin
  • D. Admin

正解:C


質問 # 27
Refer to the exhibit.

Based on the threat hunting query shown in the exhibit which of the following is true?

  • A. The query will only check for network category
  • B. This query is included in other organizations
  • C. RDP connections will be blocked and classified as suspicious
  • D. A security event will be triggered when the device attempts a RDP connection

正解:D


質問 # 28
Refer to the exhibit.

Based on the event exception shown in the exhibit which two statements about the exception are true? (Choose two)

  • A. A partial exception is applied to this event
  • B. The exception is applied only on device C8092231196
  • C. FCS playbooks is enabled by Fortinet support
  • D. The system owner can modify the trigger rules parameters

正解:A、B


質問 # 29
......


NSE5_EDR-5.0試験は、エンドポイント検出と対応、FortiEDRアーキテクチャとコンポーネント、展開と設定、監視と分析、事件対応など、EDRに関する幅広いトピックに関する60問の複数選択問題からなります。試験時間は限られており、受験者は90分で試験を完了する必要があります。


Fortinet NSE5_EDR-5.0試験は、エンドポイントの検出と対応のスキルを向上させ、Fortinet Security Solutionsとの協力に関心を持っているIT専門家にとって貴重な認証です。この試験に合格することにより、候補者はFortiedr 5.0ソリューションの展開と管理に関する専門知識を実証できます。

 

Fortinet NSE5_EDR-5.0問題を提供していますNSE 5 Network Security Analyst問題集と完璧な解答付き:https://www.goshiken.com/Fortinet/NSE5_EDR-5.0-mondaishu.html

関するブログ

もっと
NSE5_EDR-5.0無料問題集