ExamTopics Logo
Mail Us[email protected]
Menu
Fortinet Discussions
exam questions

Exam NSE5_EDR-5.0 All Questions

View all questions & answers for the NSE5_EDR-5.0 exam
Go to Exam

Exam NSE5_EDR-5.0 topic 1 question 23 discussion

Actual exam question from Fortinet's NSE5_EDR-5.0
Question #: 23
Topic #: 1
[All NSE5_EDR-5.0 Questions]

The FortiEDR core classified an event as inconclusive, but a few seconds later FCS revised the classification to malicious.
What playbook actions are applied to the event?

  • A. Playbook actions applied to suspicious events
  • B. Playbook actions applied to inconclusive events
  • C. Playbook actions applied to handled events
  • D. Playbook actions applied to malicious events
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by ebenav11 at April 26, 2023, 9:15 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Latrel
1 month, 4 weeks ago
Selected Answer: D
the correct answer is D.
upvoted 1 times
...
thinasci01
3 months, 3 weeks ago
the correct answer is D.
upvoted 1 times
...
soporte127
6 months ago
is the opcion D
upvoted 1 times
...
ipfpjmpyoofpjuryee
8 months, 1 week ago
Selected Answer: D
Study guide p.96 "FCS controls playbook actions, if FCS is not available, no action will be taken" D is the correct answer. Core can only block, allow, or log
upvoted 4 times
...
ebenav11
8 months, 2 weeks ago
B. Playbook actions applied to inconclusive events Pag7 on study guide
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago