Fortinet NSE 2 – Quiz 5

Post author: Hamed Salami
Post date: November 16, 2020

1. The threat intelligence service catalogs data about existing or emerging attacks, including the specific mechanisms of the attack, and evidence that the attack has happened. What is this data also known as?
   - Machine learning
   - Sandboxing
   - Artificial intelligence
   - Indicators of compromise
   - Intelligence catalogs

2. Which are three functions of sandboxing? (Choose three.)
   - Sandboxes can send the details to the vendor’s threat intelligence service so that the details can be shared worldwide.
   - Sandboxing products take a suspect file and place it in an environment where its behaviors can be closely analyzed.
   - After some time, if nothing malicious is detected in the quarantined files, the sandbox declares them as safe and releases them from quarantine.
   - Depending on the configuration, the owner of the sandbox can propagate this new knowledge across their network security environment.
   - Sandboxing quarantines suspicious files and immediately flags them as malware.

3. What happens when each known malware file is represented by a one-to-one signature approach?
   - There are more vendor organizations that are able to keep up with the increasing number of malware files.
   - Malware-as-a-service organizations provide do-it-yourself malware kits as a solution.
   - The malware count increases daily; however, it can be detected early by a one-to-one signature approach.
   - The variations of malware are easily detected thanks to the affordability of malware kits.
   - It does not scale well, because the number of malware files increases by millions or more each day.

4. In the early days of threat intelligence service, in which three timeframes were vendor updates released? (Choose three.)
   - Every week
   - Quarterly
   - Once a year
   - Monthly
   - Twice a year

5. Which statement about cyber-attacks is true?
   - Sharing intelligence among security vendors is the best way to fight threats.
   - It is important that individuals become more aware of and knowledgeable about any attacks.
   - Security products and threat intelligence services that can act together in real time stand the best chance of stopping these attacks.
   - As bad actors continue to evolve, it is important to invest in expensive security products.
   - There is no secrecy within security vendors and all information is shared.