Free NSE5_EDR-5.0 Exam Braindumps (page: 1)

Page 1 of 12

What is the purpose of the Threat Hunting feature?

  1. Delete any file from any collector in the organization
  2. Find and delete all instances of a known malicious file or hash in the organization
  3. Identify all instances of a known malicious file or hash and notify affected users
  4. Execute playbooks to isolate affected collectors in the organization

Answer(s): C



How does FortiEDR implement post-infection protection?

  1. By preventing data exfiltration or encryption even after a breach occurs
  2. By using methods used by traditional EDR
  3. By insurance against ransomware
  4. By real-time filtering to prevent malware from executing

Answer(s): A


Reference:

https://www.fortinet.com/content/dam/fortinet/assets/data-sheets/fortiedr.pdf



Refer to the exhibit.



Based on the forensics data shown in the exhibit which two statements are true? (Choose two.)

  1. The device cannot be remediated
  2. The event was blocked because the certificate is unsigned
  3. Device C8092231196 has been isolated
  4. The execution prevention policy has blocked this event.

Answer(s): B,C



What is the benefit of using file hash along with the file name in a threat hunting repository search?

  1. It helps to make sure the hash is really a malware
  2. It helps to check the malware even if the malware variant uses a different file name
  3. It helps to find if some instances of the hash are actually associated with a different file
  4. It helps locate a file as threat hunting only allows hash search

Answer(s): B



Page 1 of 12



Post your Comments and Discuss Fortinet NSE5_EDR-5.0 exam with other Community members:

Swapnil 3/29/2024 10:29:35 PM
Awesome dumps
Anonymous
upvote

sxsdeed 3/29/2024 8:54:05 PM
hank you for these questions. The PDF helped a lot. I breezed through the
UNITED KINGDOM
upvote

Noobtastic 3/29/2024 6:23:04 PM
In a security governance framework, which of the following publications would be at the HIGHEST level? the answer should be policy
UNITED KINGDOM
upvote

dave 3/29/2024 4:46:43 PM
Question 8 from the official BCS text book "A policy is a high-level statement of an organisation’s values, goals and objectives in a specific area"
Anonymous
upvote

dave 3/29/2024 3:59:30 PM
Question 2 answer is wrong Availability is not one of AAA
Anonymous
upvote

Aldo 3/29/2024 3:24:23 PM
Passed the exam 2 days ago. These questions are valid. The PDF version has more accurate content.
PORTUGAL
upvote

Nadhya 3/29/2024 9:50:47 AM
Good Questions
Anonymous
upvote

varanasi 3/29/2024 8:18:35 AM
nice questions
Anonymous
upvote

Agustin. 3/28/2024 11:46:10 PM
Buena, alguien recientementehizo el examen de especialist desktop?
Anonymous
upvote

Viral Patel 3/28/2024 6:03:20 PM
Q64 - Answer should be B. Syntax for ispickval (field name, value) and not ispickval(field=value)
Anonymous
upvote

Ethical hacker 3/28/2024 12:12:32 AM
Nice questions
UNITED STATES
upvote

Seema 3/27/2024 5:35:46 PM
Good post on pl 600
Anonymous
upvote

.Jak 3/27/2024 3:47:25 AM
.Still learning
THAILAND
upvote

Tushar Raj 3/27/2024 3:03:02 AM
nice quality
Anonymous
upvote

Won 3/27/2024 2:58:31 AM
Good material
UNITED STATES
upvote

concerned pl300 test taker 3/27/2024 2:08:40 AM
I just want to check if the comments are bot generated
UNITED STATES
upvote

Andy 3/27/2024 12:58:02 AM
Just passed this exam with a 88% mark.
Anonymous
upvote

Lakshmi 3/27/2024 12:47:28 AM
Qn No 42 answer is B
Anonymous
upvote

Alex 3/26/2024 9:17:47 PM
Hope to pass
CHINA
upvote

mahj 3/26/2024 5:31:06 PM
Is there any available site for simulation exams as well?
UNITED STATES
upvote

Fat Nose 3/26/2024 1:19:14 PM
This is legit and helpful. Passed my certificate yesterday.
UNITED STATES
upvote

Tiran 3/26/2024 1:04:23 PM
These questions are still valid
Anonymous
upvote

Aniket 3/26/2024 7:40:11 AM
Question 108 : correct answer is B,C and E
UNITED STATES
upvote

Aniket 3/26/2024 7:32:53 AM
Question 107 Correct answer is A https://help.salesforce.com/s/articleView?id=sf.admin_patient_records.htm&type=5
UNITED STATES
upvote

De M. 3/26/2024 7:08:50 AM
I managed to pass my exam with the help of this study questions.
Netherlands
upvote

DEE 3/26/2024 12:33:37 AM
THE QUESTION AND ANSWERS ARE GREAT FOR REVISION
Anonymous
upvote

hye 3/25/2024 6:55:05 PM
On question 156, where are you getting the PSK from?
UNITED STATES
upvote

UPENDRA 3/25/2024 10:57:11 AM
Good questions
Anonymous
upvote

UPENDRA 3/25/2024 10:51:55 AM
good accurate questions
Anonymous
upvote

DataGuru 3/25/2024 8:18:47 AM
Question 269. The answer should be False. Please review pg.560, "Communication should start early and continue openly and often."
Anonymous
upvote

Satish 3/25/2024 4:38:44 AM
I pass this exam today. All valid questions.
INDIA
upvote

Aniket 3/24/2024 1:18:24 PM
Question 99 : I think the answer should be A and B as why would you create a formula field on HealthCondition object to show a field on the patient card from the HealthCondition object only , so the field should be created on Account object which is option B.
UNITED STATES
upvote

Dayona 3/24/2024 12:30:36 PM
Good material
Anonymous
upvote

Anie 3/24/2024 12:17:27 PM
I need it. Thanh you!
VIET NAM
upvote