View all questions & answers for the NSE 6 - FortiEDR 7.0 Administrator Exam Materials exam


NSE 6 - FortiEDR 7.0 Administrator Exam Materials-Question 14 Discussion

Refer to the exhibit. Based on the threat hunting event details shown in the exhibit, which two statements about the event are true? (Choose two answers)

  • A. There are no MITRE details available for this event.
  • B. The activity event is associated with the file action.
  • C. The PING.EXE process was blocked.
  • D. The user fortinet has executed a ping command.
Correct Answer: B,D

Brave-Dump Clients Votes

BD 100%

Comments



Brave-Dumps.com Admin 2026-04-19 22:15:59

Selected Answers: B, D


Explanation — Why this answer?

The exhibit shows that the executing user is “R2D2-KVM63\fortinet”, with the command line “fortinet.com” (the ping target).

The process PING.EXE displays a green check mark, indicating that it is allowed and not blocked in FortiEDR.

The Process Creation event type is associated with a file execution action.

MITRE details may be available, but they are not visible in this specific view.