1. Home
  2. Fortinet
  3. NSE5_EDR-5.0

Fortinet NSE5_EDR-5.0 Online Practice Questions and Exam Preparation

NSE5_EDR-5.0 Exam Details

  • Exam Code
    :NSE5_EDR-5.0
  • Exam Name
    :Fortinet NSE 5 - FortiEDR 5.0
  • Certification
    :Fortinet Certifications
  • Vendor
    :Fortinet
  • Total Questions
    :41 Q&As
  • Last Updated
    :Jan 12, 2026

Fortinet NSE5_EDR-5.0 Online Questions & Answers

  • Question 1:

    Which two events can trigger FortiEDR NGAV policy violations? (Choose two.)

    A. When a malicious file attempts to communicate externally
    B. When a malicious file is executed
    C. When a malicious file is read
    D. When a malicious file attempts to access data

  • Question 2:

    An administrator finds that a newly installed collector does not display on the INVENTORY tab in the central manager.

    What two troubleshooting steps must the administrator perform? (Choose two.)

    A. Export the collector logs from the central manager.
    B. Verify the central manager has connectivity to FCS.
    C. Verify TCP ports 8081 and 555 are open.
    D. Check if the FortiEDR services are running on the collector device.

  • Question 3:

    A company requires a global exception for a FortiEDR multi-tenant environment.

    How can the administrator achieve this?

    A. The local administrator can create a new exception and share it with other organizations.
    B. A user account can create a new exception and share it with other organizations.
    C. The administrator can create a new exception and assign it globally to all organizations.
    D. The administrator can create a new exception policy for each organization hosted on FortiEDR.

  • Question 4:

    Which statement is true about the flow analyzer view in forensics?

    A. It displays a graphic flow diagram.
    B. Two events can be compared side-by-side.
    C. It shows details about processes and sub processes.
    D. The stack memory of a specific device can be retrieved

  • Question 5:

    How does the FortiEDR approach compare to the traditional EDR? (Choose two.)

    A. FortiEDR blocks threats in real time, eliminating the response gap
    B. Traditional EDR is faster
    C. There is no difference in response time
    D. FortiEDR requires less staff

  • Question 6:

    Refer to the exhibit.

    The exhibit shows an event viewer.

    What is true about the Payroll Manager.exe event?

    A. An event has not been handled by a console admin
    B. An event has been deleted
    C. A rule assigned action is set to block but the policy is in simulation mode
    D. An event has been handled by the communication control policy

  • Question 7:

    Which two types of traffic are allowed while the device is in isolation mode? (Choose two.)

    A. Outgoing SSH connections
    B. HTTP sessions
    C. ICMP sessions D. Incoming RDP connections

  • Question 8:

    When installing a FortiEDR collector, why is a `Registration Password' for collectors needed?

    A. To restrict installation and uninstallation of collectors
    B. To verify Fortinet support request
    C. To restrict access to the management console
    D. To verify new group assignment

  • Question 9:

    Which two criteria are requirements of integrating FortiEDR into the Fortinet Security Fabric? (Choose two.)

    A. Core with Core only functionality
    B. A Forensics add-on license
    C. Central Manager connected to FCS
    D. A valid API user with access to connectors

  • Question 10:

    Which three steps does FortiXDR perform to find and prevent cyberattacks? (Choose three.)

    A. Extended analysis
    B. Extended detection
    C. Extended discovery
    D. Extended investigation
    E. Extended response

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Fortinet exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your NSE5_EDR-5.0 exam preparations and Fortinet certification application, do not hesitate to visit our Vcedump.com to find your solutions here.