Security Operations Quiz Answers – NSE 3 Fortinet
Question 1: What are three categories of capabilities delivered by the Fortinet Security Operations solution? (Choose three.)
- Security automation and orchestration
- Network segmentation
- Security Fabric analytics
- Centralized management
- Application performance optimization
Question 2: The FortiAI Virtual Security Analyst is built on which machine learning model?
- Deep Neural Networks
- Bayesian Probability
- Random Forest Tree
- Naive Bayes
Question 3: What are three tasks that the FortiAI Virtual Security Analyst performs? (Choose three.)
- Analyzes and reports on network security gaps
- Detects threats
- Classifies threats
- Investigates threats
- Applies virtual patches to vulnerable devices
Question 4: FortiAnalyzer is primarily used for which purpose?
- Isolate untested code and unknown URLs from the production environment
- Centralized security logging and reporting
- Central management of any number of Fortinet devices
- Monitor incoming and outgoing network traffic and determine whether to allow or block specific traffic
Question 5: From which two sources does FortiAnalyzer correlate logs? (Choose two.)
Question 6: What are three key benefits of FortiAnalyzer? (Choose three.)
- Automates compliance
- Isolates untested code and unknown URLs
- Reduces complexity of management
- Allows or blocks specific network traffic
- Increases security
Question 7: Which statement correctly identifies how FortiDeceptor defends the network?
- Defends against bulk volumetric attacks at layer 3 and layer 4 of the OSI model.
- Blocks IP addresses and URLs that are identified on deny lists.
- Builds decoys to lure attackers and inspects their behaviour.
- Reports and enforces compliance of regulations, such as HIPAA and GDPR.
Question 8: What is the FortiDeceptor lifecycle?
- Detect > Expose > Protect
- Deceive > Expose > Eliminate
- Detect > Contain > Eliminate
- Deceive > Contain > Protect
Question 9: In FortiDeceptor, which three detection engines comprise the Anti-Reconnaissance and Anti-Exploit Service? (Choose three.)
- Indicators of Compromise
- Security Rating Service
- Web filtering service
- IPS detection
- Anti-malware service
Question 10: The roll back malicious changes feature in FortiEDR is at which stage of the overall attack phase?
Question 11: What EDR feature addresses automated incident response?
- Security risk scoring
- Anomaly detection
- Threat intelligence updates
Question 12: What are two ways that FortiSandbox bolsters Security Operations processes? (Choose two.)
- Creates playbooks for orchestrated response
- Automates the detection and response process across both IT and OT environments
- Provides endpoint visibility through telemetry and ensures that all Security Fabric components have a unified view of endpoints
- Powered by two machine learning models to deal with rapidly evolving threats
Question 13: What are two FortiGuard services implemented in FortiSandbox? (Choose two.)
- Cleanup service
- File Query service
- Quarantine service
- Content Patented Recognition Language (CPRL)
Question 14: How does FortiSIEM support multi-tenancy?
- It allows enterprises and managed service providers to create partitioned reporting domains.
- It allows multiple instances of FortiSIEM to be used on the same network simultaneously.
- It provides support for FortiSIEM to analyse cloud-based resources.
- It allows multiple customers to share the same network infrastructure.
Question 15: What database is used by FortiSIEM to perform real-time asset discovery and classification?
- Configuration Management Database (CMDB)
- Relational Database Management System (RDBMS)
- Extract, Transfer, and Load (ETL)
- Lightweight Directory Access Protocol (LDAP)
Question 16: What are three capabilities of FortiSOAR? (Choose three.)
- Zero trust network access
- Customizable dashboards and reports
- Automate responses to alerts, incidents, and vulnerabilities
- Visual playbook builder
- HTTP/HTTPS traffic monitoring
Question 17: What are three capabilities of FortiXDR? (Choose three.)
- Adds analytics and converts security alerts to a manageable number of high fidelity incidents for investigation
- Enables pre-defined automatic response actions based on user, group, threat type, severity, and scope
- Confines the actions of an application to an isolated safe environment, and analyzes behavior to uncover malicious intent
- Optimizes application performance and availability, and provides security through integration with the Security Fabric
- Extends detection and response across digital attack surface edges including endpoints and IoT devices
Question 18: Which Security Operations use case solves the challenges of misconfigurations during deployment and obtaining detailed logs and telemetry?
- Single pane management, visibility, and analytics
- Cloud container security
- Advanced compliance reporting
- Network segmentation