NSE5_EDR-5.0 Exam Details

  • Exam Code
    :NSE5_EDR-5.0
  • Exam Name
    :Fortinet NSE 5 - FortiEDR 5.0
  • Certification
    :Fortinet Certifications
  • Vendor
    :Fortinet
  • Total Questions
    :41 Q&As
  • Last Updated
    :Jul 09, 2026

Fortinet NSE5_EDR-5.0 Online Questions & Answers

  • Question 1:

    Refer to the exhibit.

    Based on the FortiEDR status output shown in the exhibit, which two statements about the FortiEDR collector are true? (Choose two.)

    A. The collector device has windows firewall enabled
    B. The collector has been installed with an incorrect port number
    C. The collector has been installed with an incorrect registration password
    D. The collector device cannot reach the central manager

  • Question 2:

    Exhibit.

    Based on the event shown in the exhibit which two statements about the event are true? (Choose two.)

    A. The device is moved to isolation.
    B. Playbooks is configured for this event.
    C. The event has been blocked
    D. The policy is in simulation mode

  • Question 3:

    Which statement is true about the flow analyzer view in forensics?

    A. It displays a graphic flow diagram.
    B. Two events can be compared side-by-side.
    C. It shows details about processes and sub processes.
    D. The stack memory of a specific device can be retrieved

  • Question 4:

    Which two statements about the FortiEDR solution are true? (Choose two.)

    A. It provides pre-infection and post-infection protection
    B. It is Windows OS only
    C. It provides central management
    D. It provides pant-to-point protection

  • Question 5:

    Exhibit.

    Based on the forensics data shown in the exhibit which two statements are true? (Choose two.)

    A. The device cannot be remediated
    B. The event was blocked because the certificate is unsigned
    C. Device C8092231196 has been isolated
    D. The execution prevention policy has blocked this event.

  • Question 6:

    How does FortiEDR implement post-infection protection?

    A. By preventing data exfiltration or encryption even after a breach occurs
    B. By using methods used by traditional EDR
    C. By insurance against ransomware
    D. By real-time filtering to prevent malware from executing

  • Question 7:

    Refer to the exhibit.

    The exhibit shows an event viewer.

    What is true about the Payroll Manager.exe event?

    A. An event has not been handled by a console admin
    B. An event has been deleted
    C. A rule assigned action is set to block but the policy is in simulation mode
    D. An event has been handled by the communication control policy

  • Question 8:

    Refer to the exhibits.

    The exhibits show application policy logs and application details Collector C8092231196 is a member of the Finance group What must an administrator do to block the FileZilia application?

    A. Deny application in Finance policy
    B. Assign Finance policy to DBA group
    C. Assign Finance policy to Default Collector Group
    D. Assign Simulation Communication Control Policy to DBA group

  • Question 9:

    Refer to the exhibits.

    The exhibits show the collector state and active connections. The collector is unable to connect to aggregator IP address 10.160.6.100 using default port. Based on the netstat command output what must you do to resolve the connectivity issue?

    A. Reinstall collector agent and use port 443
    B. Reinstall collector agent and use port 8081
    C. Reinstall collector agent and use port 555
    D. Reinstall collector agent and use port 6514

  • Question 10:

    Which two events can trigger FortiEDR NGAV policy violations? (Choose two.)

    A. When a malicious file attempts to communicate externally
    B. When a malicious file is executed
    C. When a malicious file is read
    D. When a malicious file attempts to access data

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Fortinet exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your NSE5_EDR-5.0 exam preparations and Fortinet certification application, do not hesitate to visit our Vcedump.com to find your solutions here.