Fortinet Certified Fundamentals 3
0 Self-Paced
Select one:
The process of controlling access to resources
The act of certifying that someone can perform an action
The practice of verifying activities on computer devices
The act of identifying and verifying a person or thing
Select one:
The control of physical access to a building or room where sensitive data is stored
The management of information systems, including disaster recovery (DR) and high
availability (HA)
The practice of protecting computer networks, devices, and digital information
The protection of information systems against unauthorized access, modification, and
so on
What is one of the first things that you need to do before implementing safeguards to
information?
Select one:
Carry out a data integrity check on all sensitive data.
Determine what information needs to be protected.
Verify with government regulations if information requires protection.
Conduct criminal record checks on all employees.
Select one:
The act of certifying that someone can perform an action
The practice of verifying activities on computer devices
The act of identifying and verifying a person or thing
The process of controlling access to resources
Select one:
The practice of protecting computer networks, devices, and digital information, whether on-premises or in the cloud.
The control of physical access to a building or room where sensitive data is stored, either
digitally or physically.
The management of critical infrastructure, such as pipelines, electrical power grids, and data
centers in the cloud.
The processes for preventing, detecting, and remediating attacks on sensitive
information, both digital and physical.
Select one:
The act of certifying that someone can perform an action
The practice of verifying activities on computer devices
The act of identifying and verifying a person or thing
The process of controlling access to resources
What are the three principles of information security (InfoSec), also known as the CIA
triad? (Choose three.)
Which cybersecurity term does one of the letters in AAA stand for?
Select one:
Acceptability
Accounting
Alerts
Anonymity
Select one:
The management of critical infrastructure, such as pipelines and electrical power grids
The practice of protecting computer networks, devices, and digital information
The protection of information systems against unauthorized access, modification, and so on
The protection of all information that has been deemed sensitive
Select one:
The practice of verifying activities on computer devices
The act of identifying and verifying a person or thing
The process of controlling access to resources
The act of certifying that someone can perform an action
In addition to the five categories of cybersecurity, what else do you need to consider
when defending the cyber space?
Select one:
ISO standards
People and processes
Executive strategic planning
Computer code
Which cybersecurity threat category would a trojan horse be an example of?
Select one:
System design failure
Unauthorized access
Social engineering
Malware
Select one:
Hacktivist
Cyber ideologue
Cyber warrior
Explorer
What are the two ingredients of a successful social engineering attack? (Choose two.)
Select one:
Illustrates how a cyber attack is killed
Details how to respond at each stage of a cyber attack
Describes the stages of a cyber attack
Chronicles the chain reaction of a cyber attack
Which sequence of a Cyber Kill Chain shows the events occurring in the correct order?
Select one:
Select one:
Provides a common taxonomy for understanding and mitigating cyberattacks
Offers off-the-shelf security software solutions
Presents more cyber attack details than other methods, such as Cyber Kill Chain
Supplies superior services at a lower cost than its competitors
Select one:
Disseminating threat information
Eliminating threats
Providing feedback and a review of lessons learned
Identifying which threats must be mitigated
Select one:
Unauthorized access
System design failure
Malware
Social engineering
Which system or organization assigns a severity score to help you identify the most
dangerous cyberthreats to your organization?
Select one:
Cyberthreat rating system unanimous (CRSU)
Federal Bureau of Investigation (FBI)
National Institute of Standards and Technology (NIST)
Common vulnerability scoring system (CVSS)
Which two attack vector categories characterize a ransomware attack? (Choose two.)
Select one:
Data feeds from a Security Information and Event Manager (SIEM)
News of a cyberattack on another organization’s network
Security implications and actionable advice
A list of malicious IP addresses and domain names
Which three requisite qualities must information have for it to be threat intelligence?
(Choose three.)
Select one:
Green hat
Blue hat
Black hat
Grey hat
Select one:
Cybercriminal
Cyber terrorist
Cyber warrior
Cyber extortionist
Which technique most accurately describes social engineering?
Select one:
Zero-day attack
Quid pro quo
Exploiting computer weaknesses
Psychological manipulation
Select one:
Whaling
Smishing
Honeypot
Vishing
Select one:
Messaging service
Email
Social media
Zero-trust software exploit
What type of attack method is used by a blue hat to study the tactics of bad actors?
Select one:
Honeypot
Sandboxing
Waterholing
Deception
Select one:
Which two reasons explain why influence campaigns are often effective?
Which two insider types are considered malicious insider threats? (Choose two.)
Select one:
Theft of information or money
Clarification of the narrative
Amplification of the message
Access to the target’s network
What social engineering attack uses an online site frequented by the target or targets
to attack them?
Select one:
Waterholing
Pretexting
Phishing
Which three attack methods are examples of social engineering? (Choose three.)
Select one:
Cultivating trust between a bad actor and the target through chance encounters**
Exploiting an unknown vulnerability in computer software
Select one:
What type of insider threat is an individual who believes they are exempt from their
organization’s security policies and bypasses them?
Select one:
Collaborator
Pawn
Goof
Lone wolf**
What type of malware do these characteristics describe?
User activated
Malware inserts or attaches itself to legitimate programs
Spreads to other computers
Select one:
Virus
Keylogger
Rootkit
Worm
Select one:
Routers
Public IP address
Bots
Web service
Which two symptoms might indicate that your computer is infected with malware?
(Choose two.)
Select one or more:
OS updates automatically
Sudden degraded performance
Failing hard drive
Self-executing programs
Which type of malware does not need a host system and spreads to other computers
without user action?
Select one:
Potentially Unwanted Program (PUP)
Worm
Ransomware
Virus
Select one:
The total number of bad actors
The number of pathways to a vulnerability
The method to exploit a vulnerability
The sum of vulnerabilities
Select one:
Browser hijacker
Worm
Spyware
Rootkit
Getting Started in Cybersecurity
Which three traits are characteristics of a next generation firewall (NGFW)? (Choose
three.)
Select one:
Filters by protocol
Examines data in the packets
Monitors IP addresses and ports
Uses rule-based decision-making
Which three elements does a stateful firewall track when determining whether to
allow or deny a TCP/IP connection? (Choose three.)
Select one:
Opened random ports and used multiple connections
Granular policy capability made managing the firewall too complex
Filtered only at Layer 3 of the OSI model
Produced many false positives, thereby overwhelming IT security
In a UTM firewall, which component monitors protocols, such as FTP and HTTP?
Select one:
Web filter
Transport layer filter
Protocol filter
Application layer filter
Complete the sentence: A packet filter firewall controls network traffic based on
___________.
Select one:
Select one:
Stateful**
Application layer**
Packet filter
Select one:
Utilizing device profiles
Using user roles
Routers
Using IP addresses
What action do you typically need to do to join a public network, such as one in a
coffee shop?
Select one:
Submit your personal digital certificate
Register your handheld device
Provide biometric information
Agree to the legal terms for using the network
Select one:
Select one:
Mandated by government
What is a zero-day attack?
Select one:
Malware that converts all data bits to zeros
A new and unknown computer virus
A cyberattack that exploits an unknown software vulnerability
A computer virus that receives instructions from a Command and Control server
Select one:
A segment of the network reserved for testing unknown programs
An isolated virtual environment to test suspicious files and hyperlinks
A process used to identify, describe, and categorize malware
A service in the Cloud used to collect and share threat intelligence
Select one:
Slowed network traffic
Lack of integration with other security devices
Failed to categorize malware
Could not stop zero-day attacks
Select one:
Faster network speeds
Streamlines manual testing
Scanning of encrypted data streams
Automation and artificial intelligence
Select one:
Faster network speeds
Scanning of encrypted data streams
Automation and artificial intelligence
Streamlines manual testing
Select one:
Polymorphic viruses
AI-driven attacks
Trojan horse
Ransomware
Which three features are characteristics of the latest generation WAF? (Choose three.)
Select one:
IP
TCP
HTTP
CLNP
Which event was the motivation for web application firewalls (WAFs)?
Select one:
The debut of the World Wide Web
ARPANET was brought online
The first wide area network (WAN)
The development of the hypertext transfer protocol
Select one:
Machine learning without human supervision
Heuristics
Packet analysis
Port and protocol blocking
Select one:
Survey the network and calculate a value to represent the security posture**
Segment the network based on device type and user role
Stop any user action should it exceed their network permissions
Connect all tools in the security stack into defined workflows
Which Domain Name Service (DNS)-based content filter determines if a user can
access content or not?
Select one:
Allowlists and blocklists categorized by domain name or IP address
Header content collation with a database of known threat actors
A machine learning (ML) algorithm
A list of allowed and blocked MAC addresses
Attachments
MAC addresses
Headers
Select one:
False positives
SPAM
Time needed to process
Accuracy
Which Domain Name Service (DNS)-based content filter determines if a user can
access content or not?
Select one:
A machine learning (ML) algorithm
Allowlists and blocklists categorized by domain name or IP address
Header content collation with a database of known threat actors
A list of allowed and blocked MAC addresses
Select one:
They test URLs in segregated virtual machines (VMs) to see what they do.
They block adware, spam, and malware.
They block lewd websites.
They prevent denial-of-service (DoS) attacks.
Select one:
They compare known good content with the examined content.
They check headers against a blackhole list.
They assign a weighting based on text and images.
They filter by pretagged words and images.
Which two methods are used by threat actors to compromise your device when
conducting phishing campaigns? (Choose two.)
Select one:
Erratic
Plateaued
Declining
Increasing
Select one:
Fraudulent messages that target a specific role or person within an organization
Irrelevant or inappropriate messages sent on the Internet to a large number of
recipients
Weaponized emails that claim to come from a legitimate sender
An attacker observes websites that a targeted group visits, and herds them into an infected
website
Which method did the earliest spam filter use to stop spam?
Select one:
Identified specific words or patterns
Detected unusual behaviour
Tested emails in a sandbox environment
Detected illegitimate email addresses
In addition to a spam filter, which two technologies are often part of a secure email
gateway (SEG)? (Choose two.)
Which challenge caused the secure email gateway (SEG) to adopt automation and
machine learning?
Select one:
Data loss
Success of click-bait
Delay in implementing the sender policy framework
Volume of attacks
Select one:
Irrelevant or inappropriate messages sent on the Internet to a large number of recipients
An attacker observes websites that a targeted group visits, and herds them into an infected
website
Fraudulent messages that target a specific role or person within an organization
A fraudulent practice of sending emails purporting to be reputable in order to steal
personal information
Which change that was introduced in Wi-Fi Protected Access 2 (WPA2) strengthened
encrypted Wi-Fi communications?
Select one:
Enforcement of stronger passphrases
Encryption digital certificate
Hardware Security Modules (HSM)
Advanced Encryption Standard (AES) algorithm
What weakness of Wired Equivalent Privacy (WEP) made it unsuitable to secure Wi-Fi
communications?
Select one:
The RC4 encryption algorithm was easily defeated.
It did not support digital signatures.
It did not enforce complex passwords.
It was susceptible to man-in-the-middle attacks.
Select one:
IEEE 802.11
ISO 5750
RFC 826
10Base-T
Which two security practices make your home wireless network safer? (Choose two.)
What is Wi-Fi?
Select one:
An Ethernet networking protocol
Select one:
Encrypt the disk
Buy insurance
Install antivirus software
Back up the data
User restrictions
Passwords
Policy checks
Backups
Select one:
Startup hardening
Data loss prevention (DLP)
Boot management
Automatic-updates and patching
Select one:
Virtualization
Cloud services
Internet of things (IoT)
Artificial intelligence (AI)
Which platform can preemptively block new, undiscovered attacks?
Select one:
Next generation firewall
Endpoint detection and response
Endpoint management system
Zero trust network access
Select one:
Which two elements are a part of the endpoint monitoring category? (Choose two.)
Select one:
Antivirus scanning
Which two features are functions of an endpoint protection platform (EPP)? (Choose
two.)
Select one:
To plan a set of manual tasks to be completed by analysts
To describe the order in which analysts complete tasks
To provide a set of scenarios of predicted cyberattack methods
To automate the actions that an analyst would typically do manually
Select one:
SOAR collects logs from all security tools to improve network visibility
SOAR connects all security tools together into defined workflows that can be run
automatically
SOAR orients the security team by defining and categorizing cyberattacks
SOAR plays out potential cyberattacks to improve network security preparedness
Select one:
It increases security team efficacy by automating repetitive processes
It reports on which endpoints require patching and have security vulnerabilities
It analyzes and generates a security score to measure improvements in network security
It deflects DDoS attacks and identifies the Command and Control source
What is alert fatigue?
Select one:
Measures the time lag to resolve alerts
The SOAR system is overloaded by the amount of network traffic
Analysts are overwhelmed by the number of alerts
Analysts reduce the number of alerts using SOAR
Which feature provides SIEM greater visibility into the entire network?
Select one:
Analyzing logs and alerts from a single-pane-of-glass
Complying with regulations
Deciphering encrypted logs and alerts
Sharing of logs by IoTs and BYODs
Select one:
User and entity behavior analytics (UEBA)
Deciphering encrypted data flows
Collect, normalize, and store log events and alerts
Automatic backups and integrity checking
What is one method that SIEM uses to analyze data?
Select one:
Watch for known indicators of compromise (IoC)
Decipher encrypted logs and alerts
Decipher encrypted data flows
Apply security controls
What does SIEM do primarily?
Select one:
Collect, normalize, and store log events and alerts
Connect all security tools together into defined workflows
Manage network events and alerts
Manage network information and alerts
Select one:
Cost to purchase was prohibitive
Did not have the features needed by organizations
The point solution approach to network security
High-level of skill was required
What was the impetus for more automation and machine learning in later SIEM
devices?
Select one:
Need to improve MIS efficiency
Requirement to manage Big Data
Demand to reduce MIS costs
Shortage of trained personnel
Which two requirements were the motivation for SIEM? (Choose two.)
Select one:
Demand for more cloud applications and services
Moving from physical appliances to virtual appliances
A focus on more capital expenditures
Greater expenditures on research and development
Earlier businesses used a single, dedicated service provider to connect to the internet.
What was the primary weakness of this design?
Select one:
Overly complex
Unreliable
Inexpensive
Unsecure
Which two benefits are gained from using an SD-WAN centralized management
console? (Choose two.)
Why might managing multiple point products cause greater complexity for IT
security? (Choose two.)
How does the ZTNA client identify itself to the ZTNA access proxy?
Select one:
Using a network user ID and password
Using device-specific information
Using a MAC address
Using a digital certificate
Select one:
Policy server
Router
Firewall
Authentication server
Which statement best describes the zero-trust approach that is the basis for ZTNA
design?
Select one:
Remote devices and users cannot be trusted.
IoT and BYOD devices must be authenticated before they are trusted.
No device or user can be trusted inside or outside the network.
After devices are authenticated, they are always trusted.
Select one:
Limits connections to on-premises clients
Protects servers and resources
Accelerates speed throughput
Simplifies network administration
Select one:
Security posture of the device
Encrypted user ID and password
Client digital certificate
Authentication token
What is an example of SaaS?
Select one:
Google mail
OS patching
AWS
FortiWeb
Select one:
Allows you to rent virtualized data infrastructure without having to physically manage
it on premises
Integrates multi-cloud environments with the on-premises network
Provides an online platform for developing software delivered over the internet
Allows you to rent, or use for free, software, like Google Mail
Who has ultimate responsibility for the safety of the customer’s data and services
hosted in the cloud?
Select one:
The customer
The cloud security syndicate
The Interpol cloud security service
The cloud service provider
Which two cloud services are types of cloud computing? (Choose two.)
Select one or more:
Integration as a Service (IaaS)
Platform as a Service (PaaS)
Infrastructure as a Service (IaaS)
Security as a Service (SaaS)
Select one:
simultaneously running multiple datacenters using centralized mainframe computing.
connecting various computers and other network devices together using switches and
routers.
using a network of remote servers hosted on the internet to store, manage, and
process data.
building LANs comprised of virtual servers and connected by routers to form a virtual WAN.
Select one:
Remote users
A poorly protected network
An organization that consumes little to no cloud-based services
Branch locations with minimal security that are attached to a core network
Which two cloud capabilities are combined to deliver SASE? (Choose two.)
For network security, which three challenges have emerged as a result of rapid and
disruptive digital innovation? (Choose three.)
What is a result of outdated network security solutions requiring all traffic running
through the core data center for inspection?
Select one:
Latency