NSE 5 – FortiEDR 5.0 — Question 9

How does FortiEDR implement post-infection protection?

Answer options

• A. By insurance against ransomware
• B. By preventing data exfiltration or encryption even after a breach occurs
• C. By real-time filtering to prevent malware from executing
• D. By using methods used by traditional EDR

Correct answer: B

Explanation

The correct answer is B because FortiEDR specifically aims to prevent data from being exfiltrated or encrypted after a system has been breached, ensuring that the damage is minimized. Option A is incorrect as it refers to ransomware coverage rather than post-infection measures. Option C, while relevant to malware prevention, does not address the situation after a breach has already occurred. Option D is inaccurate since traditional EDR methods do not provide the same level of post-infection protection.