IT Study Materials & Practical QAs

NSE 2 (Network Security Associate)

SOAR Quiz:
1. Identify a benefit of SOAR.
Ans: Analyzes and generates a security score to better measure improvement in network security.

2. What are playbooks used for?


Ans: To automate actions an analyst typically would have to complete manually.

3. What does the acronym SOAR stand for?


Ans: Security, Orchestration, Automation, & Response

4. From the choices below, what is the best description of S.O.A.R?


Ans: Connects all tools in your security stack together into defined workflows that can be run
automatically.

5. Why is SOAR used?


Ans: To synchronize tools, accelerate response times, reduce alert fatigue, and compensate for the
skills shortage gap.

Cloud Security Quiz:


1. Basic cloud security can be achieved by implementing native cloud security tools.
What problem might occur if customers rely solely on these tools?
Ans: The tools may have limitations customers are not aware of.

2. When a customer's data and services are moved to the cloud, who is ultimately responsible for the
security of data?
Ans: The customer.

3. Which three cloud vendors does the Fortinet Security Fabric integrate with? (Choose three.)
Ans: AWS, Google Cloud, Azure.

4. What drove organizations to move from the traditional architecture to the cloud?
Ans: The cloud allows for potential cost savings and moves cost from capital to operational budget.

5. What is SaaS?
Ans: A virtualized application environment in the cloud.

SD-WAN Quiz:
1. Which Fortinet product provides both SD-WAN and NGFW security?
Ans: FortiGate.

2. In which two ways does FortiGate solve security issues with SD-WAN? (Choose two.)
Ans: Includes application control, URL filtering, IPS.
Integrates with FortiSandBox and provides SSL inspection.

3. Which two statements about SD-WAN are true? (Choose two.)


Ans: SD-WAN can provide application visibility.
Traffic control is a significant feature of SD-WAN.

4. What are three major weaknesses of the traditional network that SD-WAN solves? (Choose three.)
Ans: Reduces network downtime.
Provides direct internet access to SaaS application.
Reduces application latency.

5. What are two attributes of an SD-WAN network? (Choose two.)


Ans: Augments MPLS with affordable broadband connections.
Simplifies with zero-touch provisioning and centralized control.

Endpoint Quiz:
1. Why is the security of endpoint devices important? (Choose two.)
Ans: Endpoints hold valuable data
Endpoints can be a way to access other information data and devices on the network.

2. In addition to the existing, known threats, what other types of threats must modern endpoint
solutions detect?
Ans: Unknown threats

3. What must modern endpoint solutions do to be effective today?


Ans: Go beyond simple signature comparisons

4. Which device is not considered an endpoint device?


Ans: Ethernet switch

5. How did the rise of the Internet affect the rate at which new malware variants appear?
Ans: The rate increased tremendously.

Threat Intelligence Services:


1. What happens when each known malware file is represented by a one-to-one signature approach?
Ans: It does not scale well, because the number of malware files increases by millions or more each day.

2. Which statement about cyber-attacks is true?


Ans: Security products and threat intelligence services that can act together in real time stand the best
chance of stopping these attacks.

3. What are three functions of sandboxing? (Choose three.)


Ans: Sandboxes can send the details to the vendor's threat intelligence service so that the details can be
shared worldwide.
Depending on the configuration, the owner of the sandbox can propagate this new knowledge across
their network security environment.
Sandboxing products take a suspect file and place it in an environment where its behaviors can be
closely analyzed.

4. The threat intelligence service catalogs data about existing or emerging attacks, including the specific
mechanisms of the attack, and evidence that the attack has happened.
What is this data also known as?
Ans: Indicators of compromise

5. What happened when malware became more sophisticated and able to change its own file content?
Ans: A single type of malware became an entire malware family, consisting of perhaps thousands of
different files, but each file performing the same bad behaviors.

Firewall Quiz:
1. What works closely with FortiGate next-generation firewall products to provide the highest level of
network security?
Ans: FortiGuard Labs

2. What is Fortinet's range of next-generation firewall devices called?


Ans: FortiGate

3. What three key, additional security features do next-generation firewalls provide, that legacy firewalls
do not? (Choose three.)
Ans: Application visibility and control
Intrusion prevention system (IPS)
Web application firewall

4. What did early packet filter firewalls do when they detected a packet that did not comply with their
rules? (Choose two.)
Ans: Blocked the packet and sent a message to the sender.
Silently dropped the packet

5. In network security, what is the purpose of a firewall?


Ans: To control the flow of network traffic.

Network Access Control Quiz:
1. What are the three key activities performed by NAC? (Choose three.)
Ans: Profile all devices to identify what access they should have.
Discover all devices on the network.
Provide appropriate network access to devices.

2. Which three statements are advantages of implementing a FortiNAC solution? (Choose three.)
Ans: FortiNAC can profile headless devices that are not equipped with an agent.
FortiNAC solution is integrated into the security framework.
The FortiNAC solution has complete visibility into the network.

3. When NAC is first deployed, what is one of the first tasks it performs?
Ans: Profiles all connected devices.

4. What is one characteristic of headless devices?


Ans: Devices that cannot take a 3rd party security agent.

5. What is one shortcoming of NAC solutions?


Ans: Some NAC solutions underperform in wired environments, creating a security
vulnerability.

SandBox Quiz:
1. How does sandbox solve the problem of aggregating threat intelligence data?
Ans: By sharing valuable threat intelligence to the security devices on its network.

2. What is the purpose of the sandbox?


Ans: To observe the activity of unknown code in a quarantined environment.

3. For which two reasons was the sandbox solution added to network security? (Choose two.)
Ans: Unknown threats needed to be quarantined.
Firewalls were quite sufficient but better risk management was needed.

4. Which two problems was network security experiencing before the introduction of the sandbox solution?
(Choose two.)
Ans: Network security was unable to handle a coordinated attack using different threat vectors and
methods.
Security devices did not communicate with other security devices on the network.

5. What are characteristics of a sandbox? (Choose two.)


Ans: A sandbox confines the actions of code to the sandbox device and in isolation from the rest of the
network.
If something unexpected or malicious happens, it affects only the sandbox.

Secure Email Gateway Quiz:


Security Information & Event Management:
1. Which three tasks must technology perform to satisfy network security compliance requirements?
(Choose three.)
Ans: Store log data for a length of time that satisfies auditing requirements.
Monitor, correlate, and notify events in real-time.
Aggregate logs from many network sources

2. Which two requirements led to the development of SIEM? (Choose two.)


Ans: To contend with the flood of alerts issued from IPSs and IDSs.
To measure and prove compliance to various legislations.

3. Which three regulatory standards and acts must businesses, hospitals, and other organizations
comply with? (Choose three.)
Ans: GDPR, HIPAA, PCI

4. How did SIEM evolve?


Ans: From an information platform to a fully integrated and automated center for security and network
operations.

5. Which three problems does SIEM solve? (Choose three.)


Ans: More sophisticated and stealthy cyber-attacks.
The complexity of technology and difficulty with identifying attacks.
The long delay in discovering security breaches by security teams.

Web Application Firewall Quiz:
1. What does a web application firewall do?
Ans: It monitors and blocks malicious HTTP/HTTPS traffic to and from a web application.

2. Which was the predecessor to a web application firewall?


Ans: Application firewall.

3. What do web application firewalls do that traditional edge firewalls do not?


Ans: Block SQL injection attacks.

4. In which two ways does machine learning help make modern web application firewalls more
effective? (Choose two.)
Ans: It allows them to adapt to the ever-changing attributes of threats.
It allows them to perform behavior analysis at machine speed.

5. Which two products can be integrated with FortiWeb? (Choose two.)


Ans: FortiGate & FortiSandBox.

Web Filter Quiz:


1. Web filters can provide a safe browsing experience by blocking which three threats? (Choose three.)
Ans: Spyware, Adware, Viruses

2. Web filters use rules to determine which web sites are blocked. Who or what sets the rules in
place?
Ans: The company or individual installing the application.

3. Which three products has Fortinet integrated web filters into? (Choose three.)
Ans: FortiGate, FortiAP, FortiClient

4. What are two reasons our customers need web filters? (Choose two.)
Ans: To prevent users from accessing websites containing malware.
To prevent users from accessing objectionable content.

5. What are two things that a web filter does? (Choose two.)
Ans: It makes decisions based on rules set in place by the company.
It examines incoming web pages to determine if any of the content should be blocked.

Wi-Fi Quiz:
1. What does WPA stand for?
Ans: Wi-Fi protected access

2. What is Wi-Fi based on?


Ans: IEEE 802.11

3. In what year did the rise of the first wireless local access network occur?
Ans: 1988

4. The current best level of security provided for Wi-Fi networks is WPA3. Which other Wi-Fi security
protocol is also commonly recommended?
Ans: WPA2

5. When the Ethernet switch was introduced, what major benefit did it bring to networks?
Ans: It reduced the number of transmission collisions that occur on a wired network.