
SOAR (Security Orchestration, Automation and Response)

----
In this lesson, you will learn what SOAR is and how it benefits network security.
In networks where complexity and manual tasks delay responses to cyber-attacks,
SOAR automates an orchestrated response, which ensures timely neutralization of
an attack or breach and brings relief to teams that suffer from a skills shortage.

Question 1
From the choices below, what is the best description of S.O.A.R?
Select one:
Correctly orients the security team to address the cyber threat according to the
situation.
Connects all tools in your security stack together into defined workflows that can
be run automatically. [CORRECT ANSWER]
Combines the processes and the security tools available to exploit opportunities
given a particular situation.

Question 2
Why is SOAR used?
Select one:
To synchronize tools, accelerate response times, reduce alert fatigue, and
compensate for the skill shortage gap. [CORRECT ANSWER]
To collaborate with other analysts during investigations.
To analyze workload, organize an analyst's tasks, and allow teams to respond using
their own processes.
To replace tier 1 analysts and automate all of their tasks.

Question 3
Identify a benefit of SOAR.
Select one:
Increases your security team's efficiency by automating repetitive manual processes.
[CORRECT ANSWER]
Analyzes and generates a security score to better measure improvements in network
security.
Reports on all endpoints that require patching.
Elevates the security team’s sense of success.

Question 4
What are playbooks used for?
Select one:
To describe the order in which analysts complete tasks.
To optimize manual processes.
The plan an analyst creates to complete a task manually.
To automate actions an analyst typically would have to complete manually. [CORRECT
ANSWER]

Question 5
What is alert fatigue?
Select one:
When an analyst is overwhelmed by the number of alerts coming in. [CORRECT
ANSWER]
When a team reduces the number of alerts coming in using SOAR.
When a SOAR solution is overloaded with alerts.
When the number of alerts declines.
