View all questions & answers for the NSE 6 - FortiEDR 7.0 Administrator Exam Materials exam


NSE 6 - FortiEDR 7.0 Administrator Exam Materials-Question 12 Discussion

Refer to the Exhibit: A FortiEDR analyst is prioritizing response efforts. One application has a vulnerability score of Critical but an Unknown ACI rating, while another has a Medium vulnerability score with active ACI evidence of adversary targeting. Which application must be addressed first? (Choose one answer)

  • A. Both applications should be treated equally because patching is necessary.
  • B. The application with the Critical vulnerability score should be addressed first.
  • C. The decision depends only on asset criticality, not scores.
  • D. The application with the Medium vulnerability score and ACI evidence should be addressed first.
Correct Answer: D

Brave-Dump Clients Votes

D 100%

Comments



Brave-Dumps.com Admin 2026-04-19 22:17:40

Selected Answers: D


Explanation — Why this answer?

The ACI (Adversary Capability Intelligence) metric in FortiEDR indicates whether a vulnerability is actively being exploited in the wild.

A Medium severity vulnerability with confirmed active exploitation (ACI) is more urgent than a Critical vulnerability with no known exploitation (ACI: Unknown).

Therefore, Visual Studio (Medium NIST, Medium ACI) should be prioritized over Firefox (Critical NIST, ACI Unknown) because it represents a real, active threat, not just a theoretical risk.