Home Uncategorised Threat Information Services Quiz Answers NSE 2 Information Security Awareness Fortinet

Threat Information Services Quiz Answers NSE 2 Information Security Awareness Fortinet

1772
0

Question 1: Which statement about cyber-attacks is true?

  • It is important that individuals become more aware of and knowledgeable about any attacks.
  • Sharing intelligence among security vendors is the best way to fight threats.
  • There is no secrecy within security vendors and all information is shared.
  • As bad actors continue to evolve it is important to invest in expensive security products.
  • Security products and threat intelligence services that can act together in real time stand the best chance of stopping these attacks.

Question 2: Which are three functions of sandboxing? (Choose three.)

  • Sandboxing quarantines suspicious files and immediately flags them as malware.
  • Depending on the configuration, the owner of the sandbox can propagate this new knowledge across their network security environment.
  • After some time, if nothing malicious is detected in the quarantined files, the sandbox declares them as safe and releases them from quarantine.
  • Sandboxing products take a suspect file and places it in an environment where its behaviors can be closely analyzed.
  • Sandboxes can send the details to the vendor’s threat intelligence service so that the details can be shared worldwide.

Question 3: In the early days of threat intelligence service, in which three timeframes were vendor updates released? (Choose three.)

  • Once a year
  • Every week
  • Monthly
  • Twice a year
  • Quarterly

Question 4: What happens when each known malware file is represented by a one-to-one signature approach?

  • It does not scale well, because the number of malware files increases by millions or more each day.
  • The malware count increases daily, however it can be detected early by a one-to-one signature approach.
  • There are more vendor organizations that are able to keep up with the increasing number of malware files.
  • Malware-as-a-service organizations provide do-it-yourself malware kits as a solution.
  • The variations of malware are easily detected thanks to the affordability of malware kits.
  • Clear my choice

Question 5: What happened when malware became more sophisticated and able to change its own file content?

  • Less sophisticated malware was still able to evade classic signature-based scanning.
  • One new type of malware was detected per year, resulting in the growth of the malware family.
  • Malware signatures did not change, and it was not able to sneak by older antivirus products.
  • A single type of malware did not multiply and no bad behavior was detected.
  • A single type of malware became an entire malware family, consisting of perhaps thousands of different files, but each file performing the same bad behaviors.

Question 6: The threat intelligence service catalogs data about existing or emerging attacks, including the specific mechanisms of the attack, and evidence that the attack has happened.

  • What is this data also known as?
  • Sandboxing
  • Intelligence catalogs
  • Artificial intelligence
  • Indicators of compromise
  • Machine learning

LEAVE A REPLY

Please enter your comment!
Please enter your name here