[May 2, 2023] NSE5_EDR-5.0 practice exam question set with a 99% exam pass rate
Latest verified NSE5_EDR-5.0 questions and answers, pass guaranteed or a full refund
Question # 17
Exhibit.
Based on the forensics data shown in the exhibit, which two statements are true? (Choose two.)
- A. The device has been isolated
- B. The forensics data is displayed in the stacks view
- C. The exfiltration prevention policy has blocked this event
- D. An exception has been created for this event
Correct answer: A, C
Question # 18
Refer to the exhibit.
Based on the event shown in the exhibit, which two statements about the event are true? (Choose two.)
- A. The user was able to launch TestApplication.exe
- B. The NGAV policy has blocked TestApplication.exe
- C. FCS classified the event as malicious
- D. TestApplication.exe is sophisticated malware
Correct answer: B, D
Question # 19
Which scripting language is supported by the FortiEDR action manager?
- A. Perl
- B. TCL
- C. Python
- D. Bash
Correct answer: B
Question # 20
Which FortiEDR component is required to find malicious files on the entire network of an organization?
- A. FortiEDR Aggregator
- B. FortiEDR Central Manager
- C. FortiEDR Threat Hunting Repository
- D. FortiEDR Core
Correct answer: A
Question # 21
FortiXDR relies on which feature as part of its automated extended response?
- A. Forensic
- B. Playbooks
- C. Communication Control
- D. Security Policies
Correct answer: D
Question # 22
Which two types of remote authentication does the FortiEDR management console support? (Choose two.)
- A. TACACS
- B. LDAP
- C. RADIUS
- D. SAML
Correct answer: B, C
Question # 23
A company requires a global communication policy for a FortiEDR multi-tenant environment.
How can the administrator achieve this?
- A. An administrator creates a new communication control policy and shares it with other organizations
- B. A local administrator creates a new communication control policy and shares it with other organizations
- C. A local administrator creates a new communication control policy and assigns it globally to all organizations
- D. An administrator creates a new communication control policy for each organization
Correct answer: C
Question # 24
Refer to the exhibits.
The exhibits show application policy logs and application details. Collector C8092231196 is a member of the Finance group. What must an administrator do to block the FileZilla application?
- A. Assign Finance policy to Default Collector Group
- B. Deny application in Finance policy
- C. Assign Simulation Communication Control Policy to DBA group
- D. Assign Finance policy to DBA group
Correct answer: C
Question # 25
Refer to the exhibit.
Based on the threat hunting event details shown in the exhibit, which two statements about the event are true? (Choose two.)
- A. The user fortinet has executed a ping command
- B. The PING.EXE process was blocked
- C. The activity event is associated with the file action
- D. There are no MITRE details available for this event
Correct answer: B, D
Question # 26
An administrator needs to restrict access to the ADMINISTRATION tab in the central manager for a specific account.
What role should the administrator assign to this account?
- A. User
- B. Local Admin
- C. REST API
- D. Admin
Correct answer: B
Question # 27
Refer to the exhibit.
Based on the event exception shown in the exhibit, which two statements about the exception are true? (Choose two.)
- A. FCS playbooks is enabled by Fortinet support
- B. A partial exception is applied to this event
- C. The system owner can modify the trigger rules parameters
- D. The exception is applied only on device C8092231196
Correct answer: B, D
Question # 28
What is the benefit of using file hash along with the file name in a threat hunting repository search?
- A. It helps to make sure the hash is really a malware
- B. It helps to check the malware even if the malware variant uses a different file name
- C. It helps locate a file as threat hunting only allows hash search
- D. It helps to find if some instances of the hash are actually associated with a different file
Correct answer: D
Question # 29
......
The NSE5_EDR-5.0 question set, with 30 real, valid and accurate questions and answers, is available at: https://www.goshiken.com/Fortinet/NSE5_EDR-5.0-mondaishu.html