ExamTopics Logo
Mail Us[email protected]
Menu
Fortinet Discussions
exam questions

Exam NSE5_EDR-5.0 All Questions

View all questions & answers for the NSE5_EDR-5.0 exam
Go to Exam

Exam NSE5_EDR-5.0 topic 1 question 22 discussion

Actual exam question from Fortinet's NSE5_EDR-5.0
Question #: 22
Topic #: 1
[All NSE5_EDR-5.0 Questions]

Refer to the exhibit.

Based on the event exception shown in the exhibit, which two statements about the exception are true? (Choose two.)

  • A. FCS playbooks is enabled by Fortinet support.
  • B. The system owner can modify the trigger rules parameters.
  • C. The exception is applied only on device C8092231196.
  • D. A partial exception is applied to this event.
Show Suggested Answer Hide Answer
Suggested Answer: AB 🗳️
by joeytrib at June 1, 2023, 11:58 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
a27cf65
2 months, 1 week ago
Selected Answer: AB
A and B are correct
upvoted 1 times
...
DataConsult
4 months, 3 weeks ago
COrrect is A & B
upvoted 1 times
...
kilmar.sandoval
5 months, 3 weeks ago
Selected Answer: AB
B [True] - Note that if automatic exceptions are enabled, the system owner must follow up all automated exceptions. fortinet is not liable for any exception created by FCS. [Modify in needed] C [False] - Exceptions can only be defined for Collector Groups. If you would like to define an exception for a specific Collector, then create a Collector Group that only contains that Collector. D [False] - As you see, Exception is not partial. Collector groups [All], Destinations [All], Users[All]
upvoted 1 times
...
Dani_Prime
7 months, 1 week ago
The correct answers are A and B. I have been able to check B on my FortiEDR console.
upvoted 1 times
...
Latrel
1 year, 1 month ago
Selected Answer: AB
correct answers are A & B C is incorret, like @fran484 answer, exceptions are applied to the collector group and not to a specific device.
upvoted 2 times
...
fran484
1 year, 3 months ago
To me correct answers are A & B. C is not because in FortiEDR you don't apply anything to just one device but a collector group and the image shows the exception is applied to All Groups (unless device C8092231196 is the only device with a collector). D is not because in the image it shows that "All the Raw Data items are covered"
upvoted 4 times
...
thinasci01
1 year, 3 months ago
the correct answer is C and D.
upvoted 1 times
...
TeachTrooper
1 year, 6 months ago
Selected Answer: CD
CD study guide page 108
upvoted 1 times
soporte127
1 year, 6 months ago
why D ?
upvoted 1 times
...
...
joeytrib
1 year, 7 months ago
Selected Answer: AC
the correct answer are AC
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago