View all questions & answers for the NSE 6 - FortiEDR 7.0 Administrator Exam Materials exam


NSE 6 - FortiEDR 7.0 Administrator Exam Materials-Question 14 Discussion
Comment Image Comment Image Comment Image

Refer to the exhibit. Based on the threat hunting event details shown in the exhibit, which two statements about the event are true? (Choose two answers)

  • A. There are no MITRE details available for this event.
  • B. The activity event is associated with the file action.
  • C. The PING.EXE process was blocked.
  • D. The user fortinet has executed a ping command.
Correct Answer: A,D

Brave-Dump Clients Votes

BD 66.67%
AD 33.33%

Comments



Brave-Dumps.com Admin 2026-04-19 22:15:59

Selected Answers: B, D


Explanation — Why this answer?

The exhibit shows that the executing user is “R2D2-KVM63\fortinet”, with the command line “fortinet.com” (the ping target).

The process PING.EXE displays a green check mark, indicating that it is allowed and not blocked in FortiEDR.

The Process Creation event type is associated with a file execution action.

MITRE details may be available, but they are not visible in this specific view.

Anonymous User 2026-04-30 14:45:00

Selected Answers: B, D


BD

Anonymous User 2026-05-18 23:46:09

Selected Answers: A, D


• There is no indication of available MITRE details for this event and no MITRE icon
• There is no indication of an action happening
• The executing user name is ****\fortinet