Training Institute: Library NSE 2 Quiz Answer

NSE 2 ZTNA

Which feature or principle differentiates ZTNA from VPN?

    Zero trust


 

Which statement best describes the zero-trust approach that is the basis for ZTNA design?

    No device or user can be trusted inside or outside the network.


 

Which three examples qualify as working remotely? (Choose three.)

    An IT director getting caught up on email while waiting for a flight.

    A CEO using VPN to securely connect to the network from home.

    An HR specialist working from a branch office.


 

Which feature is a characteristic of secure access?

    Accounting


 

Which three methods are common implementations of secure remote access? (Choose three.)

    ZTNA

    SSL VPN

    IPsec VPN


 


Which two traits are unique to ZTNA? (Choose two.)

    Requires identity validation of device and user

    Tunnel type is session-based only


 


NSE 2 SASE

Which two cloud capabilities are combined to deliver SASE? (Choose two)

    Security-as-a-Service

    Network-as-a-Service

For network security, which three challenges have emerged as a result of rapid and disruptive digital innovation? (Choose three)

    Expanding attack surface

    Evolving compliance requirements

    Growing number of off-network users accessing the central data center, without proper security


 

What behavior has impacted how users access corporate information, and thus requirements for network security?

    Users accessing enterprise systems through personal devices that are not part of the enterprise infrastructure


 

Which statement is true regarding how SASE is delivered?

    SASE is delivered using a combination of cloud-based services and optional physical on premise devices


 

What are two benefits of SASE? (Choose two)

    Consistent security for mobile workforces

    Optimized paths for all users to all clouds to improve performance and agility


 

What does the term “Thin Edge” refer to?

    Branch locations with minimal security that are attached to a core network


 

What is a result of outdated network security solutions requiring all traffic running through the core data center for inspection?

    Latency


 

What are three core capabilities of SASE? (Choose three)

    Next-Generation firewall

    Zero-Trust network access

    Data loss prevention


 

What is the goal of SASE?

    Support the dynamic, secure access needs of today’s organizations by extending enterprise-grade security and networking regardless of location




 

NSE 2 Cloud Security

Who has ultimate responsibility for the safety of the customer’s data and services hosted in the cloud?

    The customer

Which two cloud services are types of cloud computing? (Choose two.)

    Platform as a Service (PaaS)

    Infrastructure as a Service (IaaS)


 

Complete the sentence. Cloud computing is the practice of

    using a network of remote servers hosted on the internet to store, manage, and process data.

Identify a potential problem that customers risk if they rely solely on vendor cloud security tools.

    The tools provide basic security and do not secure all facets of a multi-cloud environment.

Which reason drove organizations to use cloud services?

    Cost savings by paying for only what computer services were needed.

What is an example of SaaS?

    Google mail

Identify the correct description for IaaS.

    Allows you to rent virtualized data infrastructure without having to physically manage it on premises


 

NSE 2 SD-WAN

Earlier businesses used a single, dedicated service provider to connect to the internet. What was the primary weakness of this design?

    Unreliable


 

Which two benefits are gained from using an SD-WAN centralized management console? (Choose two.)

    Greater network visibility

    An ability to prioritize business-critical applications

Complete the sentence. WAN is a computer network that

    spans a large geographic area and typically consists of two or more LANs.

Why might managing multiple point products cause greater complexity for IT security? (Choose two.)

    Lack of integration between security products

    Usually, multiple management consoles are required

Which feature in the first-generation SD-WAN applied intelligent business decisions?

    Basic load balancing


 

Which business trend caused greater latency to the internet in the network model for the single, dedicated service provider?

    Demand for more cloud applications and services


 

NSE 2 Endpoint Security

Why do threat actors target endpoints in a network?

    They are an easy point of entry into a network.

Which type of malware seriously reduced the effectiveness of signature-based antivirus?

    Polymorphic

Which two prevention-focused attributes are found in most contemporary endpoint security solutions? (Choose two.)

    Machine learning (ML)

    Virtual patches

Which three prevention-focused services are found in endpoint protection platform (EPP)? (Choose three.)

    Data protection through encryption

    Antivirus (AV)


 

Which attribute describes the earliest antivirus software?

    Signature-based


 

What was the culmination of endpoint security development?

    EDR and EPP technologies merged

Which service is used as part of endpoint detection and response (EDR)?

    Forensics investigation tool

Which two types of devices are considered endpoints, according to the description in the lesson? (Choose two.)

    Computer devices used by end users

    Internet of Things (IoT)

Identify two problems that are solved by having a single security agent on endpoints. (Choose two.)

    Lack of integration between endpoint security products

    Multiple administration consoles add complexity

Which description best identifies file-based malware?

    A downloaded file, which when opened, runs malicious code or a script



 

NSE 2 Firewall

Which two types of firewalls can block a connection based on application type? (Choose two.)

    Application layer

    Next-generation firewall (NGFW)

Which type was the first generation of firewalls?

    Packet filter

Which three traits are characteristics of a next generation firewall (NGFW)? (Choose three.)

    Can segment a network based on user, device, and application type

    Controls applications based on type or who the user is

    Delivers high-performance inspection

What was a limitation of first-generation firewalls?

    Could not distinguish between malicious and legitimate applications

Which firewall generation can you configure to allow a user to connect to Facebook, but not watch videos from that site?

    Next-generation firewall (NGFW)

Complete the sentence. A packet filter firewall controls network traffic based on

    network addresses, protocols, and ports.


 

NSE 2 Wi-Fi

What weakness of Wired Equivalent Privacy (WEP) made it unsuitable to secure Wi-Fi communications?

    The RC4 encryption algorithm was easily defeated.

Which two features of Wi-Fi Protected Access 3 (WPA3) strengthened security? (Choose two.)

    The handshake for establishing connections became more secure.

    The encryption key size was lengthened.

What is Wi-Fi?

    Technology for radio wireless local area networks

Which change that was introduced in Wi-Fi Protected Access 2 (WPA2) strengthened encrypted Wi-Fi communications?

    Advanced Encryption Standard (AES) algorithm

Which two security practices make your home wireless network safer? (Choose two.)

    Pick passphrases that are hard to guess.

    Keep your router firmware up to date.

Wi-Fi is based on which standard?

    IEEE 802.11

NSE 2 Threat Intelligence Services

In the early days, with which three frequencies did vendors update AV signatures? (Choose three.)

    Annually

    Quarterly

    Monthly

What is the sandbox detection method known as?

    Heuristic detection

Which method best defeats unknown malware?

    Sandboxing

Which behavior does a sandbox look for when searching for malware?

    Behaved abnormally

Which statement best describes polymorphic malware?

    Polymorphic malware is a malware family with thousands of variants but behaving the same way.

Which statement best describes an indicator of compromise (IoC)?

    Evidence that a cyberattack has happened or is ongoing

Which two organizations are examples of a threat intelligence service that serves the wider security community? (Choose two.)

    Cyber Threat Alliance

    FortiGuard Labs


 

NSE 2 SOAR

What are three reasons SOAR is used? (Choose three.)

    Reduce alert fatigue

    Accelerate response times

    Compensate for the skill shortage

What are playbooks used for?

    To automate the actions that an analyst would typically do manually

What is a common use case for an implementation of SOAR by customers?

    Phishing investigations

Which is a benefit of SOAR?

    It increases security team efficacy by automating repetitive processes

Which statement best describes SOAR?

    SOAR connects all security tools together into defined workflows that can be run automatically

What is alert fatigue?

    Analysts are overwhelmed by the number of alerts


 

NSE 2 Network Access Control

Why are IoT devices potential conduits of contagion?

    Not able to install security software

How does NAC effectively segment a network?

    Utilizing device profiles

Which three parties participate in network authentication, according to the IEEE 802.1X standards? (Choose three.)

    Client device

    Authentication server

    Authenticator

What action do you typically need to do to join a public network, such as one in a coffee shop?

    Agree to the legal terms for using the network

Which security challenge do BYODs pose to networks?

    MIS does not control what is installed on these devices

What drives organizations to buy IoT devices?

    Can save time and money


 

NSE 2 Sandbox

Within the computer security context, what is a sandbox?

    An isolated virtual environment to test suspicious files and hyperlinks

What was a benefit of second generation sandbox technology?

    Timely sharing of threat intelligence

What is a zero-day attack?

    A cyberattack that exploits an unknown software vulnerability

Which failing characterized early sandbox technology?

    Lack of integration with other security devices

Which feature in early networks made aggregating threat intelligence difficult?

    Point solutions

Which feature characterizes third-generation sandbox technology?

    Automation and artificial intelligence

Which new development in malware caused sandbox technology to automate and introduce artificial intelligence learning?

    AI-driven attacks

NSE 2 Security Information & Event Management

What is one method that SIEM uses to analyze data?

    Watch for known indicators of compromise (IoC)

Which feature is a characteristic of later SIEMs?

    User and entity behavior analytics (UEBA)

What does SIEM do primarily?

    Collect, normalize, and store log events and alerts

What was the impetus for more automation and machine learning in later SIEM devices?

    Shortage of trained personnel

Which two requirements were the motivation for SIEM? (Choose two.)

    Increasing number of alerts

    Complying to regulations

Which compliance, if ignored by businesses, hospitals, and other organizations, can result in punitive fines?

    Complying to regulations

Which three compliance regulations are legislative and industry-sponsored? (Choose three.)

    Health Insurance Portability and Accountability Act (HIPAA)

    General Data Protection Regulation (GDPR)

    Payment Card Industry (PCI) standard

What was the primary driver for purchasing SIEM?

    Comply with regulations

Which problem was a barrier to the general acceptance of first-generation SIEM?

    High-level of skill was required

Which feature provides SIEM greater visibility into the entire network?

    Analyzing logs and alerts from a single-pane-of-glass


 

NSE 2 Web Application Firewall

Which protocol traffic does a web application firewall (WAF) monitor?

    HTTP

Which new feature characterized second-generation WAFs?

    Heuristics

Which firewall is positioned between a web application and the Internet?

    Web application firewall


 

Which three features are characteristics of the latest generation WAF? (Choose three.)

    DLP

    DDoS defense

    IP reputation

Which action can a modern WAF do?

    Stop any user action should it exceed their network permissions

Which event was the motivation for web application firewalls (WAFs)?

    The debut of the World Wide Web


 

NSE 2 Secure Email Gateway

Which option identifies the trend of phishing?

    Increasing

Which method did the earliest spam filter use to stop spam?

    Identified specific words or patterns

Which challenge caused secure email gateway (SEG) to adopt automation and machine learning?

    Volume of attacks

Which technique used by threat actors is known as phishing?

    A fraudulent practice of sending emails purporting to be reputable in order to steal information

Which technique used by a threat actor is known as spam?

    Irrelevant or inappropriate messages sent on the Internet to a large number of recipients

In addition to a spam filter, which two technologies are often a part of secure email gateway (SEG)? (Choose two.)

    Antivirus scanner

Which two methods are used by threat actors to compromise your device when conducting phishing campaigns? (Choose two.)

    An embedded hyperlink within an email

    An attachment to an email


 

NSE 2 Web Filter

Why did some people object to web filters?

    They censored information.

Which attribute best describes how early web filters worked?

    Web filters are rule-based.

How did web filters improve computer security?

    They blocked adware, spam, viruses, and spyware.

Which two reasons gave rise to web filters? (Choose two.)

    Web filters stop objectionable content.

    Web filters improve security.

Which two actions describe how web filters work? (Choose two.)

    Web filters filter sites by keywords and predefined content.

    Web filters consult URL deny lists and allow lists.

What task can other types of web filters perform?

    Searching for content

   
