ExamTopics Logo
Mail Us[email protected]
Menu
Fortinet Discussions
exam questions

Exam NSE5_EDR-5.0 All Questions

View all questions & answers for the NSE5_EDR-5.0 exam
Go to Exam

Exam NSE5_EDR-5.0 topic 1 question 13 discussion

Actual exam question from Fortinet's NSE5_EDR-5.0
Question #: 13
Topic #: 1
[All NSE5_EDR-5.0 Questions]

Based on the forensics data shown in the exhibit, which two statements are true? (Choose two.)

  • A. An exception has been created for this event.
  • B. The device has been isolated.
  • C. The exfiltration prevention policy has blocked this event.
  • D. The forensics data is displayed in the stacks view.
Show Suggested Answer Hide Answer
Suggested Answer: BD 🗳️
by headhunter24 at Jan. 14, 2023, 1:46 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
headhunter24
Highly Voted 2 years ago
Correct answer B & D
upvoted 6 times
...
[Removed]
Highly Voted 1 year, 10 months ago
Selected Answer: BD
B- The Red icon on the device indicate isolation Icon D- At the top right corner the Green Icon is gray out indicating that is the selected view
upvoted 5 times
...
DataConsult
Most Recent 4 months, 3 weeks ago
C & D 1- The exe was blocked so there is no exception 2-the Isolate Button is clickable so the device is not isolated 3-TRUE: you can see the processes created so the exe was launched 4-True: you can see from the view selected in the top right corner
upvoted 2 times
...
Latrel
1 year, 2 months ago
Correct answer B & D
upvoted 2 times
...
thinasci01
1 year, 4 months ago
the correct answer is B and D
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago