EDR example

EDR example

Professional Development

20 Qs

quiz-placeholder

Similar activities

Preguntas NS7 - Test No. 2

Preguntas NS7 - Test No. 2

Professional Development

17 Qs

Part 3.2

Part 3.2

Professional Development

20 Qs

NEVERMORE QUIZZY POP

NEVERMORE QUIZZY POP

Professional Development

15 Qs

Quiz 3

Quiz 3

Professional Development

19 Qs

React_Beautiful_DND _1

React_Beautiful_DND _1

Professional Development

20 Qs

Sunflower Web2

Sunflower Web2

Professional Development

15 Qs

Pulse Session 1

Pulse Session 1

Professional Development

19 Qs

Exam Questions NSE4_FGT-7.0 Fortinet NSE 4 - FortiOS 7.0

Exam Questions NSE4_FGT-7.0 Fortinet NSE 4 - FortiOS 7.0

Professional Development

22 Qs

EDR example

EDR example

Assessment

Quiz

Computers

Professional Development

Hard

Created by

Hector Cuello

FREE Resource

20 questions

Show all answers

1.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What is true about classifications assigned by Fortinet Cloud Service (FCS)?

FCS revises the classification of the core based on its database.

The core only assigns a classification if FCS is not available.

FCS is responsible for all classifications.

The core is responsible for all classifications if FCS playbooks are disabled.

2.

MULTIPLE SELECT QUESTION

2 mins • 1 pt

Media Image

Based on the forensics data shown in the exhibit, which two statements are true? (Choose two.)

The device cannot be remediated.

The execution prevention policy has blocked this event.

The event was blocked because the certificate is unsigned.

Device C8092231196 has been isolated.

3.

MULTIPLE SELECT QUESTION

2 mins • 1 pt

Media Image

Based on the event shown in the exhibit, which two statements about the event are true? (Choose two.)

The NGAV policy has blocked TestApplication.exe.

FCS classified the event as malicious.

TestApplication.exe is sophisticated malware.

The user was able to launch TestApplication.exe.

4.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

How does FortiEDR implement post-infection protection?

By insurance against ransomware

By preventing data exfiltration or encryption even after a breach occurs

By real-time filtering to prevent malware from executing

By using methods used by traditional EDR

5.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which scripting language is supported by the FortiEDR action manager?

TCL

Bash

Perl

Python

6.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which security policy has all of its rules disabled by default?

Exfiltration Prevention

Execution Prevention

Device Control

Ransomware Prevention

7.

MULTIPLE SELECT QUESTION

2 mins • 1 pt

Media Image

Based on the event shown in the exhibit, which two statements about the event are true? (Choose two.)

The policy is in simulation mode.

The device is moved to isolation.

The event has been blocked.

Playbooks is configured for this event.

Create a free account and access millions of resources

Create resources
Host any resource
Get auto-graded reports
or continue with
Microsoft
Apple
Others
By signing up, you agree to our Terms of Service & Privacy Policy
Already have an account?