Fortinet NSE 5 – FortiEDR 5.0 NSE5_EDR-5.0 Practice Test Questions


Want to pass the NSE5_EDR-5.0 Fortinet NSE 5 – FortiEDR 5.0 exam? PassQuestion has created accurate Fortinet NSE 5 – FortiEDR 5.0 NSE5_EDR-5.0 Practice Test Questions that will help you improve your preparation level. They also let you do a self-assessment so you can get a clear idea of the real exam scenario. We strongly recommend checking that you have covered all the objectives of the certification exam so that you can pass it with ease. Once you have prepared using our Fortinet NSE 5 – FortiEDR 5.0 NSE5_EDR-5.0 Practice Test Questions and taken them multiple times, you will be able to pass the NSE5_EDR-5.0 Fortinet NSE 5 – FortiEDR 5.0 exam on the first attempt.

NSE5_EDR-5.0 Exam Description – Fortinet NSE 5 – FortiEDR 5.0
The Fortinet NSE 5 – FortiEDR 5.0 exam is part of the NSE5 Network Security Analyst program, and recognizes the successful candidate’s knowledge of and expertise with the FortiEDR solution. The exam tests the candidate’s applied knowledge of FortiEDR configuration, operation, and day-to-day administration, and includes operational scenarios, configuration extracts, and troubleshooting captures. The Fortinet NSE 5 – FortiEDR 5.0 exam is intended for network and security professionals responsible for the configuration and administration of endpoint security solutions in an enterprise network security infrastructure.

Exam Information
Exam Name: Fortinet NSE 5 – FortiEDR 5.0
Exam series: NSE5_EDR-5.0
Time allowed: 60 minutes
Exam questions: 30 multiple-choice questions
Scoring: Pass or fail. A score report is available from your Pearson VUE account.
Language: English
Product version: FortiEDR 5.0

Exam Objectives
Successful candidates have applied knowledge and skills in the following areas and tasks:

FortiEDR system
  Explain FortiEDR architecture and technical positioning
  Perform installation process
  Perform FortiEDR inventory and use system tools
  Deploy FortiEDR multi-tenancy
  Use API to carry out FortiEDR management functions
FortiEDR security settings and policies
  Configure communication control policy
  Configure security policies
  Configure playbooks
  Explain Fortinet Cloud Service (FCS)
Events, forensics, and threat hunting
  Analyze security events and alerts
  Configure threat hunting profiles and scheduled queries
  Analyze threat hunting data
  Investigate security events using forensics analysis
FortiEDR integration
  Deploy FortiXDR
  Configure security fabric using FortiEDR
FortiEDR troubleshooting
  Perform FortiEDR troubleshooting
  Perform alert analysis on FortiEDR security events and logs

View Online Fortinet NSE 5 – FortiEDR 5.0 Free Questions
1. Which two types of remote authentication does the FortiEDR management console support? (Choose two.)
A. RADIUS
B. SAML
C. TACACS
D. LDAP
Answer: A,D

2. Which two statements about the FortiEDR solution are true? (Choose two.)
A. It provides pre-infection and post-infection protection
B. It is Windows OS only
C. It provides central management
D. It provides point-to-point protection
Answer: A,D

3. How does FortiEDR implement post-infection protection?
A. By preventing data exfiltration or encryption even after a breach occurs
B. By using methods used by traditional EDR
C. By insurance against ransomware
D. By real-time filtering to prevent malware from executing
Answer: D

4. An administrator needs to restrict access to the ADMINISTRATION tab in the central manager for a specific account.
What role should the administrator assign to this account?
A. Admin
B. User
C. Local Admin
D. REST API
Answer: C

5. A company requires a global communication policy for a FortiEDR multi-tenant environment.
How can the administrator achieve this?
A. An administrator creates a new communication control policy and shares it with other organizations
B. A local administrator creates a new communication control policy and shares it with other organizations
C. A local administrator creates a new communication control policy and assigns it globally to all organizations
D. An administrator creates a new communication control policy for each organization
Answer: C

6. FortiXDR relies on which feature as part of its automated extended response?
A. Playbooks
B. Security Policies
C. Forensic
D. Communication Control
Answer: B

7. The FortiEDR core classified an event as inconclusive, but a few seconds later FCS revised the classification to malicious.
What playbook actions are applied to the event?
A. Playbook actions applied to inconclusive events
B. Playbook actions applied to handled events
C. Playbook actions applied to suspicious events
D. Playbook actions applied to malicious events
Answer: D

8. Which FortiEDR component is required to find malicious files on the entire network of an organization?
A. FortiEDR Aggregator
B. FortiEDR Central Manager
C. FortiEDR Threat Hunting Repository
D. FortiEDR Core
Answer: A