Training Institute: Library NSE 3 Quiz Answer

Security-Driven Networking

Which three management options can be used to manage FortiAP? (Choose three.)
    FortiManager
    FortiAP Cloud
    FortiGate

Which best describes the function of FortiManager?
    Manages multiple Fortinet devices from a single console

When would you use FortiSwitch Cloud?
    When FortiSwitch devices are deployed as standalones and not in a FortiGate environment

What is the benefit of the Fortinet security rating?
    Provides a quantifiable measure of a network’s security posture

Which Fortinet-built technology allows FortiGate to enable better throughput performance?
    Secure processing unit

Which technology allows FortiGate to provide deeper integration with FortiAP and switches?
    FortiLink

Which term best describes FortiGate?
    Next generation firewall

What is the fundamental function of FortiSwitch?
    Securely connects devices on a computer network

Which best describes the function of the application control feature in FortiGate?
    Creates policies that allow, deny, or restrict access to applications

What is the central purpose of FortiGuard Labs?
    To provide security services

Which product acts as the connection point to the network for wireless devices?
    FortiAP

According to the SD-WAN use case, which Fortinet product replaces separate WAN routers, WAN optimization, and some security devices?
    FortiGate

What is security-driven networking?
    The integration of networking and security capabilities

Which FortiManager tool enables automation for DevOps and DevSecOps?
    Scripts and fabric connectors

    Zero-day detection and response

Which operating system is common to all FortiGate devices?
    FortiOS

Zero Trust Access

Which product helps protect end users who are prone to clicking on phishing scams?
    FortiClient

Which two Fortinet products integrate with FortiNAC? (Choose two.)
    FortiGate
    FortiClient EMS

Which Fortinet product is used to profile devices in order to detect changes to device characteristics?
    FortiNAC

Which product category best describes FortiAuthenticator?
    Identity Management

Which best describes the Zero Trust Access solution pillar?
    Enables organizations to see and control everyone and everything on the network

What is a key capability of FortiNAC?
    Profiles and monitors devices on the network

Which three major functions does FortiAuthenticator provide? (Choose three.)
    Wired and wireless authentication
    Secure access with two-factor authentication
    Identity management

Which two methods are common examples of second factor authentication that are supported by FortiAuthenticator? (Choose two.)
    Tokens
    Digital certificates

How does FortiNAC dynamically control access to the network?
    Detects a change in the device profile and automatically quarantines the device

Which security platform does FortiClient EMS integrate with to increase visibility and compliance control?
    Fortinet Security Fabric

Which is a principle of zero trust access?
    Continuous authentication of users and devices

Which description best identifies a function of FortiAuthenticator as a certificate authority?
    Provide digital identities

FortiAuthenticator supports self-service registration, social authentication, and pre-defined access codes for which purpose?
    Guest user access

Complete the sentence to identify which method determines Fortinet ZTA micro-segmentation.
FortiNAC micro-segments the network according to …
    user role and device function.

Which module of FortiClient supports the secure remote access use case?
    Single Sign On

Which type of network user accounts for the majority of breaches?
    Internal users

Which three key capabilities does FortiNAC offer customers? (Choose three.)
    Control—segments the network by device so that the device can only access those assets it requires
    Automated response—takes automatic action should a device become compromised or be suspected of compromise
    Visibility—provides identification, profiling, and vulnerability scanning of devices

Which product can manage and automatically provision FortiClient to endpoints?
    Endpoint Management Server

Adaptive Cloud Security

How does FortiADC ensure application availability?
    By spanning applications across data centers using Global Server Load Balancing

What are three features that FortiWeb provides to protect against bots? (Choose three.)
    Threshold based detection
    Bot deception
    Biometrics based detection

FortiMail integrates with which product to provide a safe internet browsing environment and protection against malicious sites, files, and URLs?
    FortiIsolator

Which additional FortiMail service or product mitigates the impact of an email outage?
    Email continuity

Which layer of the FortiWeb machine learning engine detects anomalies by building profiles and mathematical models for each parameter in a given web application?
    Layer 1

Where is a FortiADC typically deployed?
    Behind the firewall and in front of servers in a data center

What are three operation modes for FortiMail? (Choose three)?
    Gateway mode
    Transparent mode
    Microsoft 365 API support

How many layers does the FortiWeb Machine Learning engine use?
    2

What are three principle values delivered by the Adaptive Cloud Security solution? (Choose three)
    Broad Protection
    Native Integration
    Management and Automation

What are three services offered by FortiWeb that are that are continuously updated by FortiGuard Labs? (Choose three.)
    IP reputation
    Antivirus
    Attack signatures

What FortiMail feature, which is a part of the Microsoft 365 bundle, differentiates Fortinet from competitors?
    Post-delivery claw back

Which three Fortinet Adaptive Cloud Security products combine to deliver on the secure productivity use case? (Choose three.)
    FortiMail
    FortiSandbox
    FortiGate

For which reason might an organization need a Web Application Firewall (WAF)?
    They need to protect web-based applications from attacks that target known and unknown vulnerabilities

What is the primary purpose of FortiADC?
    Scale web-based applications for capacity and availability

Which of the following FortiGuard Services are available for FortiADC? (Choose three.)
    WAF Security Service
    Web Filtering
    IP Reputation

Security Operations

From which two sources does FortiAnalyzer correlate logs? (Choose two.)
    FortiGate
    FortiSandbox

Which Security Operations use case solves the challenges of misconfigurations during deployment and obtaining detailed logs and telemetry?
    Single pane management, visibility, and analytics

What EDR feature addresses automated incident response?
    Playbooks

What are two FortiGuard services implemented in FortiSandbox? (Choose two.)
    Content Patented Recognition Language (CPRL)
    File Query service

What are three capabilities of FortiSOAR? (Choose three.)
    Visual playbook builder
    Customizable dashboards and reports
    Automate responses to alerts, incidents, and vulnerabilities

What are two ways that FortiSandbox bolsters Security Operations processes? (Choose two.)
    Powered by two machine learning models to deal with rapid evolving threats
    Automates the detection and response process across both IT and OT environments

The FortiNDR Virtual Security Analyst is built on which machine learning model?
    Deep Neural Networks

How does FortiSIEM support multi-tenancy?
    It allows enterprises and managed service providers to create partitioned reporting domains.

What database is used by FortiSIEM to perform real-time asset discovery and classification?
    Configuration Management Database (CMDB)

What are three capabilities of FortiXDR? (Choose three.)
    Enables pre-defined automatic response actions based on user, group, threat type, severity, and scope
    Extends detection and response across digital attack surface edges including endpoints and IoT devices
    Adds analytics and converts security alerts to a manageable number of high fidelity incidents for investigation

What are three tasks that the FortiNDR Virtual Security Analyst performs? (Choose three.)
    Detects threats
    Classifies threats
    Investigates threats

FortiAnalyzer is primarily used for which purpose?
    Centralized security logging and reporting

The roll back malicious changes feature in FortiEDR is at which stage of the overall attack phase?
    Post-infection

What are three key benefits of FortiAnalyzer? (Choose three.)
    Increases security
    Reduces complexity of management
    Automates compliance

Which statement correctly identifies how FortiDeceptor defends the network?
    Builds decoys to lure attackers and inspects their behaviour.

What is the FortiDeceptor lifecycle?
    Deceive > Expose > Eliminate

In FortiDeceptor, which three detection engines comprise the Anti-Reconnaissance and Anti-Exploit Service? (Choose three.)
    Anti-malware service
    IPS detection
    Web filtering service

What are three categories of capabilities delivered by the Fortinet Security Operations solution? (Choose three.)
    Centralized management
    Security automation and orchestration
    Security Fabric analytics