View all questions & answers for the NSE 6 - FortiEDR 7.0 Administrator Exam Materials exam


NSE 6 - FortiEDR 7.0 Administrator Exam Materials-Question 22 Discussion
Comment Image Comment Image Comment Image

You are asked to configure a query to run every 15 minutes, automatically searching for specific registry modifications across all endpoints. Which FortiEDR feature must you configure? (Choose one answer)

  • A. A communication control rule with a 15-minute delay
  • B. A manual query linked to a policy override
  • C. A scheduled query defined within a threat hunting profile
  • D. A new playbook trigger based on the registry change event
Correct Answer: C

Brave-Dump Clients Votes

C 100%

Comments



Brave-Dumps.com Admin 2026-04-19 22:08:06

Selected Answers: C


Explanation — Why this answer?

In FortiEDR, Threat Hunting Profiles allow you to configure scheduled queries that run automatically at defined intervals (e.g., every 15 minutes).

This is the only feature that provides time-based automation for searching events such as registry modifications.

Anonymous User 2026-04-25 11:25:46

Selected Answers: C


C
Only a scheduled query in a threat hunting profile supports periodic, automated searches across endpoints.

Anonymous User 2026-05-18 23:56:55

Selected Answers: C


FortiEDR Administrator Study guide 7.0 p213
https://training.fortinet.com/pluginfile.php/3546652/mod_resource/content/26/FortiEDR_7.0_Administrator_Study_Guide-Online.pdf?forcedownload=1