Fortinet NSE 2 – Lesson 1 (SOAR) Answers

Question 1: What are playbooks used for?

The plan an analyst creates to complete a task manually.
To automate actions an analyst typically would have to complete manually.
To optimize manual processes.
To describe the order analysts complete tasks.

Question 2: What is alert fatigue?

When the number of alerts declines.
When an analyst is overwhelmed from the number of alerts coming in.
When a team reduces the number of alerts coming in using SOAR.
When a SOAR solution is overloaded with alerts.

Question 3: What does the acronym SOAR stand for?

Security, Orchestration, Automation, & Response
Situation, Opportunity, Action, & Result
Single out, On the board, Asked, & Repeated
Situation, Orientation, Adroit, & Replication

Question 4: Why is SOAR used?

To collaborate with other analysts during investigations.
To synchronize tools, accelerate response times, reduce alert fatigue, and compensate for the skill shortage gap.
To replace tier 1 analysts and automate all of their tasks.
To analyze workload, organize an analyst's tasks, and allow teams to respond using their own processes.

Question 5: Identify a benefit of SOAR.

Reports on all endpoints that require patching.
Elevates the security team’s sense of success.
Analyzes and generates a security score to better measure improvements in network security.
Increases your security team's efficiency by automating repetitive manual processes.

Systems Specialist, Linux Hajji, El-Kernel
