NSE 6 - FortiEDR 7.0 Administrator Exam Materials - Question 8 Discussion
Comments
Selected Answers: C, D
In an extended detection workflow involving FortiAnalyzer, FortiEDR Cloud Services (FCS) plays two key roles:
Correlating and analyzing collected logs to identify malicious patterns
Determining whether a malicious event has occurred and reporting the detection incident
FCS does not directly send logs to FortiAnalyzer, nor does it forward OS metadata to the manager.
Selected Answers: C, D
C) FCS correlates and analyzes the collected logs – FCS aggregates and processes telemetry from FortiEDR and FortiAnalyzer, applying global threat intelligence and machine learning to identify potential threats.
D) FCS identifies if a malicious event has taken place and reports the detection incident – After analysis, FCS verifies whether the event is malicious and reports the confirmed detection back to FortiEDR, triggering alerts and correlation in FortiAnalyzer.
A collector attempts to access a known malicious website. FortiEDR is configured for eXtended detection with FortiAnalyzer. What two roles does Fortinet Cloud Services (FCS) perform in this process? (Choose two answers)