Category archive: Fortinet

This category contains troubleshooting fixes, how-to articles, and skills-exam solutions for the Fortinet product family.

Fortinet NSE 2 – Lesson 13 (Wi-Fi) Answers

Question 1: Which standard is Wi-Fi based on?

IEEE 802.11
10Base-T
ISO 5750
5-4-3 rule

Question 2: What does WPA stand for?

Wireless provisioning agency
Wi-Fi protected access
Wi-Fi performance attributes
Wireless proliferation algorithm

Question 3: When the Ethernet switch was introduced, what major benefit did it bring to networks?

It increased the number of computers that can be connected to a network.
It reduced the number of transmission collisions that occur on a wired network.
It allowed simultaneous transmissions on a network.
It enabled the connection of wireless clients.

Question 4: The current best level of security provided for Wi-Fi networks is WPA3. Which other Wi-Fi security protocol is also commonly recommended?

WPA
WPA4
WEP
WPA2

Question 5: In what year did the rise of the first wireless local access network occur?

1985
1997
1991
1988

Fortinet NSE 2 – Lesson 12 (Web Filter) Answers

Question 1: Web filters use rules to determine which web sites are blocked. Who or what sets the rules in place?

Governments
The company or individual installing the application
Law enforcement agencies
Device manufacturers

Question 2: Web filters can provide a safe browsing experience by blocking which three threats? (Choose three.)

Adware
DHCP requests
Spyware
Viruses

Question 3: What are two things that a web filter does? (Choose two.)

It monitors internet traffic to ensure that users do not exceed their online quota.
It makes decisions based on rules set in place by the company.
It blocks certain words or phrases based on a user’s preference.
It examines incoming web pages to determine if any of the content should be blocked.

Question 4: Which three products has Fortinet integrated web filters into? (Choose three.)

FortiGate
FortiClient
FortiSIEM
FortiSandbox
FortiAP

Question 5: Which method do web filters typically use to block web sites?

They inspect web pages in a secure container for viruses.
They examine email links to ensure that URLs have not been spoofed.
They consult a URL database of websites and domains that are known to be harmful.
They return search results from only sanctioned web sites.

Fortinet NSE 2 – Lesson 11 (Web Application Firewall) Answers

Question 1: What does a web application firewall do?

It prevents applications from accessing the web at certain times of the day.
It provides a means for businesses to monitor which web applications their users are accessing.
It monitors and blocks malicious HTTP/HTTPS traffic to and from a web application.
It allows applications to access online content.

Question 2: Which was the predecessor to a web application firewall?

Application firewall
Internet filter
Antivirus software
Web firewall

Question 3: When considering web application firewalls, what two factors make a signature-based approach to defense obsolete? (Choose two.)

Signature-based detection, when used alone, can generate many false positives.
Signature-based detection is not effective against zero-day exploits.
Signatures cannot stop SQL injection attacks.
Signature-based detection is too slow to identify threats.

Question 4: Which statement about integrating FortiGuard Labs with FortiWeb is true?

FortiGuard Labs provides machine learning features to FortiWeb.
FortiGuard Labs can be integrated with other Fortinet products, as well as FortiWeb.
FortiGuard Labs provides vital updates to FortiWeb about new threats.
FortiGuard Labs is an optional feature that does not provide any benefits to FortiWeb.

Question 5: Which two products can be integrated with FortiWeb? (Choose two.)

FortiSandbox
FortiConnect
FortiFax
FortiPhone
FortiGate

Fortinet NSE 2 – Lesson 10 (Security Information & Event Management) Answers

Question 1: Which three tasks must technology perform to satisfy network security compliance requirements? (Choose three.)

Store log data for a length of time that satisfies auditing requirements
Prevent employees from accessing the internet
Aggregate logs from many network sources
Monitor, correlate, and notify events in real-time
Allow public access to aggregated logs

Question 2: What does the term SIEM stand for?

Security Information and Event Manager
Security Information and Email Management
Security Information and Emergency Management
Security Information and Electronic Messaging

Question 3: How did SIEM evolve?

From an information platform to a threat intelligence center
As an information platform only
As a threat intelligence center only
From an information platform to a fully integrated and automated center for security and network operations

Question 4: Which three problems does SIEM solve? (Choose three.)

The lack of security awareness by employees
The complexity of technology and the difficulty with identifying attacks
The lack of implementation of authentication methods
The long delay in discovering security breaches by security teams
More sophisticated and stealthy cyber attacks

Question 5: Which two requirements led to the development of SIEM? (Choose two.)

To simulate phishing attacks
To measure and prove compliance to various legislations
To contend with the flood of alerts issued from IPSs and IDSs
To perform vulnerability scanning

Fortinet NSE 2 – Lesson 9 (Secure Email Gateway) Answers

Question 1: What are three benefits of FortiMail? (Choose three.)

FortiMail identifies spam and phishing emails.
FortiMail integrates with FortiSandbox to identify advanced threats.
FortiMail provides caching and video stream splitting.
FortiMail filters outgoing traffic to protect valuable data.

Question 2: What are two benefits of FortiMail integration? (Choose two.)

FortiMail does not need to be continually updated.
FortiMail can be integrated with edge firewalls.
FortiMail can be integrated with segmentation firewalls.
FortiMail does not need to be centrally managed.

Question 3: What are two characteristics of FortiMail? (Choose two.)

FortiMail is a next-generation firewall (NGFW).
FortiMail is a sandboxing solution.
FortiMail integrates with firewalls and sandboxing solutions.
FortiMail is a secure email gateway (SEG).

Question 4: Which feature can be added to a secure email gateway?

Data leak prevention (DLP)
Data storage processing (DSP)
Data level protection (DLP)
Distributed leak prevention (DLP)

Question 5: For which two reasons do you need to deploy Sender Policy Framework (SPF)? (Choose two.)

SPF is able to stop unknown threats; firewalls cannot.
SPF secures the network by strengthening the authentication method.
SPF scans only the network traffic, and it became a standard in 2014.
SPF is an email authentication method that detects fake sender addresses and emails.

Fortinet NSE 2 – Lesson 8 (Sandbox) Answers

Question 1: For which two reasons was the sandbox solution added to network security? (Choose two.)

AVs were able to stop unknown threats, but firewalls could not.
Firewalls and AVs were helpless against unknown threats.
Unknown threats needed to be quarantined.
Firewalls were quite sufficient but better risk management was needed.

Question 2: What is the purpose of the sandbox?

To stop all BYOD network traffic
To flag and pass the known exploit to the endpoint to handle
To observe the activity of unknown code in a quarantined environment
To run vulnerability scans on all network endpoints

Question 3: Which two business problems is FortiSandbox trying to solve? (Choose two.)

Nonexistent or inadequate firewall protection
The choice of performance over security by businesses
The potential to exploit OS or application weaknesses with malignant code
Insufficient fine-tuning of network performance

Question 4: What are two characteristics of a sandbox? (Choose two.)

A sandbox only provides completely independent protection of IOT devices.
If something unexpected or malicious happens, it affects only the sandbox.
A sandbox provides full network security.
A sandbox confines the actions of code to the sandbox device and in isolation to the rest of the network.

Question 5: Which two problems was network security experiencing before the introduction of a sandbox solution? (Choose two.)

Network security was unable to handle a coordinated attack using different threat vectors and methods.
AVs were not introduced into network security.
Firewalls were non-existent.
Security devices did not communicate with other security devices on the network.

Fortinet NSE 2 – Lesson 7 (Network Access Control) Answers

Question 1: What is one characteristic of headless devices?

Devices that provide only centralized architecture
Devices that are connected only to a wired network
Devices that cannot take a 3rd party security agent
Devices that have only AV software installed

Question 2: What two security challenges do IoT devices present to IT security professionals? (Choose two.)

They often do not support security programs.
They are time consuming to deploy.
They can be exploited by bad actors.
They are frequently stolen.

Question 3: What is one shortcoming of NAC solutions?

NAC solutions support only endpoint security.
Some NAC solutions underperform in wired environments, creating a security vulnerability.
NAC solutions do not support IoT devices.
NAC solutions do not support BYOD environments.

Question 4: Which two network security concerns have grown dramatically for businesses in recent years? (Choose two.)

Malware protection requirements
Need for overall network visibility
IoT devices connecting to a network
Need for AVs

Question 5: What are the three key activities performed by NAC? (Choose three.)

Profile all devices to identify what access they should have
Provide appropriate network access to devices
Watch for IoT devices to respond to CNC servers in the Internet
Discover all devices on the network

Fortinet NSE 2 – Lesson 6 (Firewall) Answers

Question 1: What is Fortinet’s range of next-generation firewall devices called?

FortiGate
FortiBlocker
FortiFirewall
FortiGuard

Question 2: What works closely with FortiGate next-generation firewall products to provide the highest level of network security?

NSS Labs
FortiGuard Labs
Gartner
RFCs

Question 3: What three key additional security features do next-generation firewalls provide that legacy firewalls do not? (Choose three.)

Web application firewall
Application visibility and control
Intrusion prevention system (IPS)
Packet-filtering based on IP address

Question 4: With the explosion of the World Wide Web, the composition of network protocols skewed heavily towards HTTP. What challenge did this shift pose to legacy firewalls?

Firewalls did not have visibility into HTTP ports.
HTTP request methods were too complex and diverse.
Different web applications used the same HTTP port number, making it difficult for firewalls to distinguish between applications.
HTTP was an application layer protocol that relied heavily on TCP.

Question 5: What additional functionality did second generation firewalls provide that early packet filter firewalls did not?

They observed network connections over time and continuously examined conversations between endpoints.
They examined packet headers to detect if the packet contained viruses.
They looked up the IP address of the sender to determine if the source was on a suspect network.
They were stateless firewalls that allowed rogue packets that did not belong to an existing connection to pass through the firewall.

Fortinet NSE 2 – Lesson 5 (Threat Intelligence Services) Answers

Question 1: The threat intelligence service catalogs data about existing or emerging attacks, including the specific mechanisms of the attack, and evidence that the attack has happened.

What is this data also known as?

Machine learning
Sandboxing
Artificial intelligence
Indicators of compromise
Intelligence catalogs

Question 2: Which are three functions of sandboxing? (Choose three.)

Sandboxes can send the details to the vendor’s threat intelligence service so that the details can be shared worldwide.
Sandboxing products take a suspect file and place it in an environment where its behaviors can be closely analyzed.
After some time, if nothing malicious is detected in the quarantined files, the sandbox declares them as safe and releases them from quarantine.
Depending on the configuration, the owner of the sandbox can propagate this new knowledge across their network security environment.
Sandboxing quarantines suspicious files and immediately flags them as malware.

Question 3: What happens when each known malware file is represented by a one-to-one signature approach?

There are more vendor organizations that are able to keep up with the increasing number of malware files.
Malware-as-a-service organizations provide do-it-yourself malware kits as a solution.
The malware count increases daily, however it can be detected early by a one-to-one signature approach.
The variations of malware are easily detected thanks to the affordability of malware kits.
It does not scale well, because the number of malware files increases by millions or more each day.

Question 4: In the early days of threat intelligence service, in which three timeframes were vendor updates released? (Choose three.)

Every week
Quarterly
Once a year
Monthly
Twice a year

Question 5: Which statement about cyber-attacks is true?

Sharing intelligence among security vendors is the best way to fight threats.
It is important that individuals become more aware of and knowledgeable about any attacks.
Security products and threat intelligence services that can act together in real time stand the best chance of stopping these attacks.
As bad actors continue to evolve it is important to invest in expensive security products.
There is no secrecy within security vendors and all information is shared.

Fortinet NSE 2 – Lesson 4 (Endpoint) Answers

Question 1: Which method did early antivirus products use to detect malware?

They compared the signature of the file with a list of known virus signatures.
They searched for the word “virus” in the contents of the file.
They compared the name of the file with a list of known virus names.
They searched for the word “virus” in the file name.

Question 2: What were early endpoint security products known as?

Disk or Data recovery tools
Sandboxes
Antivirus software
Floppy disks

Question 3: How did the rise of the Internet affect the rate at which new malware variants appear?

The rate decreased
The rate increased tremendously
The rate increased slightly
The rate stayed the same

Question 4: Which device is not considered an endpoint device?

Smartphone
IoT device
Laptop
Ethernet switch

Question 5: In addition to existing, known threats, what other types of threats must modern endpoint solutions detect?

Network latency or network traffic analysis
Unknown threats
Hard drive crashes
Wi-Fi interference