Security-Driven Networking
Which three management options can be used to manage FortiAP? (Choose three.)
FortiManager
FortiAP Cloud
FortiGate
Which best describes the function of FortiManager?
Manages multiple Fortinet devices from a single console
When would you use FortiSwitch Cloud?
When FortiSwitch devices are deployed as standalones and not in a FortiGate environment
What is the benefit of the Fortinet security rating?
Provides a quantifiable measure of a network’s security posture
Which Fortinet-built technology allows FortiGate to enable better throughput performance?
Secure processing unit
Which technology allows FortiGate to provide deeper integration with FortiAP and switches?
FortiLink
Which term best describes FortiGate?
Next generation firewall
What is the fundamental function of FortiSwitch?
Securely connects devices on a computer network
Which best describes the function of the application control feature in FortiGate?
Creates policies that allow, deny, or restrict access to applications
What is the central purpose of FortiGuard Labs?
To provide security services
Which product acts as the connection point to the network for wireless devices?
FortiAP
According to the SD-WAN use case, which Fortinet product replaces separate WAN routers, WAN optimization, and some security devices?
FortiGate
What is security-driven networking?
The integration of networking and security capabilities
Which FortiManager tool enables automation for DevOps and DevSecOps?
Scripts and fabric connectors
Zero-day detection and response
Which operating system is common to all FortiGate devices?
FortiOS
Zero Trust Access
Which product helps protect end users who are prone to clicking on phishing scams?
FortiClient
Which two Fortinet products integrate with FortiNAC? (Choose two.)
FortiGate
FortiClient EMS
Which Fortinet product is used to profile devices in order to detect changes to device characteristics?
FortiNAC
Which product category best describes FortiAuthenticator?
Identity Management
Which best describes the Zero Trust Access solution pillar?
Enables organizations to see and control everyone and everything on the network
What is a key capability of FortiNAC?
Profiles and monitors devices on the network
Which three major functions does FortiAuthenticator provide? (Choose three.)
Wired and wireless authentication
Secure access with two-factor authentication
Identity management
Which two methods are common examples of second factor authentication that are supported by FortiAuthenticator? (Choose two.)
Tokens
Digital certificates
How does FortiNAC dynamically control access to the network?
Detects a change in the device profile and automatically quarantines the device
Which security platform does FortiClient EMS integrate with to increase visibility and compliance control?
Fortinet Security Fabric
Which is a principle of zero trust access?
Continuous authentication of users and devices
Which description best identifies a function of FortiAuthenticator as a certificate authority?
Provide digital identities
FortiAuthenticator supports self-service registration, social authentication, and pre-defined access codes for which purpose?
Guest user access
Complete the sentence to identify which method determines Fortinet ZTA micro-segmentation.
FortiNAC micro-segments the network according to …
user role and device function.
Which module of FortiClient supports the secure remote access use case?
Single Sign On
Which type of network user accounts for the majority of breaches?
Internal users
Which three key capabilities does FortiNAC offer customers? (Choose three.)
Control—segments the network by device so that the device can only access those assets it requires
Automated response—takes automatic action should a device become compromised or be suspected of compromise
Visibility—provides identification, profiling, and vulnerability scanning of devices
Which product can manage and automatically provision FortiClient to endpoints?
Endpoint Management Server
Adaptive Cloud Security
How does FortiADC ensure application availability?
By spanning applications across data centers using Global Server Load Balancing
What are three features that FortiWeb provides to protect against bots? (Choose three.)
Threshold based detection
Bot deception
Biometrics based detection
FortiMail integrates with which product to provide a safe internet browsing environment and protection against malicious sites, files, and URLs?
FortiIsolator
Which additional FortiMail service or product mitigates the impact of an email outage?
Email continuity
Which layer of the FortiWeb machine learning engine detects anomalies by building profiles and mathematical models for each parameter in a given web application?
Layer 1
Where is a FortiADC typically deployed?
Behind the firewall and in front of servers in a data center
What are three operation modes for FortiMail? (Choose three)?
Gateway mode
Transparent mode
Microsoft 365 API support
How many layers does the FortiWeb Machine Learning engine use?
2
What are three principle values delivered by the Adaptive Cloud Security solution? (Choose three)
Broad Protection
Native Integration
Management and Automation
What are three services offered by FortiWeb that are that are continuously updated by FortiGuard Labs? (Choose three.)
IP reputation
Antivirus
Attack signatures
What FortiMail feature, which is a part of the Microsoft 365 bundle, differentiates Fortinet from competitors?
Post-delivery claw back
Which three Fortinet Adaptive Cloud Security products combine to deliver on the secure productivity use case? (Choose three.)
FortiMail
FortiSandbox
FortiGate
For which reason might an organization need a Web Application Firewall (WAF)?
They need to protect web-based applications from attacks that target known and unknown vulnerabilities
What is the primary purpose of FortiADC?
Scale web-based applications for capacity and availability
Which of the following FortiGuard Services are available for FortiADC? (Choose three.)
WAF Security Service
Web Filtering
IP Reputation
Security Operations
From which two sources does FortiAnalyzer correlate logs? (Choose two.)
FortiGate
FortiSandbox
Which Security Operations use case solves the challenges of misconfigurations during deployment and obtaining detailed logs and telemetry?
Single pane management, visibility, and analytics
What EDR feature addresses automated incident response?
Playbooks
What are two FortiGuard services implemented in FortiSandbox? (Choose two.)
Content Patented Recognition Language (CPRL)
File Query service
What are three capabilities of FortiSOAR? (Choose three.)
Visual playbook builder
Customizable dashboards and reports
Automate responses to alerts, incidents, and vulnerabilities
What are two ways that FortiSandbox bolsters Security Operations processes? (Choose two.)
Powered by two machine learning models to deal with rapid evolving threats
Automates the detection and response process across both IT and OT environments
The FortiNDR Virtual Security Analyst is built on which machine learning model?
Deep Neural Networks
How does FortiSIEM support multi-tenancy?
It allows enterprises and managed service providers to create partitioned reporting domains.
What database is used by FortiSIEM to perform real-time asset discovery and classification?
Configuration Management Database (CMDB)
What are three capabilities of FortiXDR? (Choose three.)
Enables pre-defined automatic response actions based on user, group, threat type, severity, and scope
Extends detection and response across digital attack surface edges including endpoints and IoT devices
Adds analytics and converts security alerts to a manageable number of high fidelity incidents for investigation
What are three tasks that the FortiNDR Virtual Security Analyst performs? (Choose three.)
Detects threats
Classifies threats
Investigates threats
FortiAnalyzer is primarily used for which purpose?
Centralized security logging and reporting
The roll back malicious changes feature in FortiEDR is at which stage of the overall attack phase?
Post-infection
What are three key benefits of FortiAnalyzer? (Choose three.)
Increases security
Reduces complexity of management
Automates compliance
Which statement correctly identifies how FortiDeceptor defends the network?
Builds decoys to lure attackers and inspects their behaviour.
What is the FortiDeceptor lifecycle?
Deceive > Expose > Eliminate
In FortiDeceptor, which three detection engines comprise the Anti-Reconnaissance and Anti-Exploit Service? (Choose three.)
Anti-malware service
IPS detection
Web filtering service
What are three categories of capabilities delivered by the Fortinet Security Operations solution? (Choose three.)
Centralized management
Security automation and orchestration
Security Fabric analytics