What is the purpose of the Threat Hunting feature?

A. Delete any file from any collector in the organization
B. Find and delete all instances of a known malicious file or hash in the organization
C. Identify all instances of a known malicious file or hash and notify affected users...

June 20, 2023

What is true about classifications assigned by Fortinet Cloud Service (FCS)?

A. The core is responsible for all classifications if FCS playbooks are disabled
B. The core only assigns a classification if FCS is not available
C. FCS revises the classification of the core based on its database
D. FCS...

June 20, 2023

Based on the forensics data shown in the exhibit, which two statements are true?

Exhibit. Based on the forensics data shown in the exhibit, which two statements are true? (Choose two.)
A. An exception has been created for this event
B. The forensics data is displayed in the stacks view
C. The device has been isolated
D. The exfiltration prevention policy has blocked this...

June 18, 2023

Based on the threat hunting query shown in the exhibit which of the following is true?

Refer to the exhibit. Based on the threat hunting query shown in the exhibit, which of the following is true?
A. RDP connections will be blocked and classified as suspicious
B. A security event will be triggered when the device attempts an RDP connection
C. This query is included in...

June 17, 2023

Based on the FortiEDR status output shown in the exhibit, which two statements about the FortiEDR collector are true?

Refer to the exhibit. Based on the FortiEDR status output shown in the exhibit, which two statements about the FortiEDR collector are true? (Choose two.)
A. The collector device has Windows Firewall enabled
B. The collector has been installed with an incorrect port number
C. The collector has been installed...

June 15, 2023

What role should the administrator assign to this account?

An administrator needs to restrict access to the ADMINISTRATION tab in the central manager for a specific account. What role should the administrator assign to this account?
A. Admin
B. User
C. Local Admin
D. REST API
Answer: C

June 13, 2023

How does FortiEDR implement post-infection protection?

A. By preventing data exfiltration or encryption even after a breach occurs
B. By using methods used by traditional EDR
C. By insurance against ransomware
D. By real-time filtering to prevent malware from executing
Answer: A

June 13, 2023

Which two types of remote authentication does the FortiEDR management console support? (Choose two.)

A. Radius
B. SAML
C. TACACS
D. LDAP
Answer: A,D

June 11, 2023

Which two statements about the FortiEDR solution are true? (Choose two.)

A. It provides pre-infection and post-infection protection
B. It is Windows OS only
C. It provides central management
D. It provides point-to-point protection
Answer: A,C

June 9, 2023

Based on the forensics data shown in the exhibit which two statements are true?

Exhibit. Based on the forensics data shown in the exhibit, which two statements are true? (Choose two.)
A. The device cannot be remediated
B. The event was blocked because the certificate is unsigned
C. Device C8092231196 has been isolated
D. The execution prevention policy has blocked this event.
Answer: B,C

June 8, 2023