Page: 1
/ 9
Total 44 questions
What is true about classifications assigned by Fortinet Cloud Service (FCS)?
- A. FCS revises the classification of the core based on its database.
- B. The core only assigns a classification if FCS is not available.
- C. FCS is responsible for all classifications.
- D. The core is responsible for all classifications if FCS playbooks are disabled.
Answer : C
Based on the forensics data shown in the exhibit, which two statements are true? (Choose two.)
- A. The device cannot be remediated.
- B. The execution prevention policy has blocked this event.
- C. The event was blocked because the certificate is unsigned.
- D. Device C8092231196 has been isolated.
Answer : CD
Refer to the exhibit.
Based on the event shown in the exhibit, which two statements about the event are true? (Choose two.)
- A. The NGAV policy has blocked TestApplication.exe.
- B. FCS classified the event as malicious.
- C. TestApplication.exe is sophisticated malware.
- D. The user was able to launch TestApplication.exe.
Answer : AB
How does FortiEDR implement post-infection protection?
- A. By insurance against ransomware
- B. By preventing data exfiltration or encryption even after a breach occurs
- C. By real-time filtering to prevent malware from executing
- D. By using methods used by traditional EDR
Answer : B
31 days access 