View all questions & answers for the NSE 6 - FortiEDR 7.0 Administrator Exam Materials exam


NSE 6 - FortiEDR 7.0 Administrator Exam Materials-Question 6 Discussion

Refer to the Exhibit: Based on the event shown in the exhibit, which two statements about the event are true? (Choose two answers)

  • A. Playbooks are configured for this event.
  • B. The policy is in simulation mode.
  • C. The device is moved to isolation.
  • D. The event has been blocked.
Correct Answer: A,C

Brave-Dump Clients Votes

AC 100%

Comments



Brave-Dumps.com Admin 2026-04-19 22:22:27

Selected Answers: A, C


Explanation — Why this answer?

The exhibit shows that the device R2D2-kvm63 was moved from the “Training” group to the “High Security Collector Group” in FortiEDR.

This movement represents an isolation action triggered by a playbook.

The triggered rule “Training-eXtended Detection” confirms that a playbook was executed.

Moving the device to a High Security group is a form of isolation, not an event blocking action.