Question 1
For a SIEM to work effectively it must detect the network topology and the devices connected to it. How does FortiSIEM accomplish this?
Select one:
By initially entering the data manually and sending email reminders to administrators to update for any changes
By initially entering the data manually and relying on manual updates as the environment changes
By using a live import engine for AutoCAD drawings and Visio diagrams
By using a built-in self-learning, real-time asset discovery and device configuration engine
Question 2
What is the major benefit of the FortiSIEM ability to cross-correlate data from sources each traditionally isolated to the NOC or SOC?
Select one:
FortiSIEM can identify which department is at fault.
FortiSIEM can isolate network device configuration errors.
FortiSIEM can report on IT staff effectiveness.
FortiSIEM can more quickly identify threats.
Question 3
FortiSIEM has APIs to collect data from which types of sources?
Select one:
Fortinet switches, routers, and firewalls only.
A large list of sources from a large list of vendors.
A small list of sources from a few vendors.
Switches, routers, and firewalls from the major vendors.
Question 4
Typically, NOC and SOC teams operate independently with different toolsets. What risk does this pose?
Select one:
It can increase the communications effectiveness during a crisis.
It can diminish previous team-building efforts.
It increases the time necessary to detect breaches.
It can highlight discrepancies in the data.
Question 5
How does FortiSIEM support multi-tenancy?
Select one:
It allows enterprises and managed service providers to create partitioned reporting domains.
It allows multiple customers to share the same network infrastructure.
It provides support for FortiSIEM to analyse cloud-based resources.
It allows multiple instances of FortiSIEM to be used on the same network simultaneously.
Question 6
In a recent survey, how long did IT professionals report it took to detect a breach, on average?
Select one:
13 days
256 days
2.5 years
8 hours
Question 7
Gartner defines the “critical capabilities” required of a complete SIEM solution. How does FortiSIEM compare to these criteria?
Select one:
FortiSIEM almost meets Gartner's definition.
FortiSIEM goes far beyond Gartner's definition.
FortiSIEM exactly meets Gartner's definition.
FortiSIEM meets 50% of Gartner's definition.
Question 8
How can compliance reporting information be obtained from FortiSIEM?
Select one:
By installing the FortiSIEM Compliance add-on module
By utilizing professional services to build compliance reports
By using any of the hundreds of built-in customizable compliance reports
By dumping the FortiSIEM databases and importing into your favourite reporting tool
Question 9
What is a key overarching function of SIEMs?
Select one:
Support Fortinet Single Sign-On with FortiGate and FortiClient
Contains breaches to specific vendors to reduce propagation
Address external and internal breaches with a single product
Monitor conformity with regulatory and compliance requirements
Question 10
Which two main pain points do organizations face that are addressed by FortiSIEM? (Choose two.)
Select one or more:
Economic and reputational loss from data breaches
Lack of visibility into the network
Weak regulatory standards and network monitoring requirements
Labour-intensive manual investigations of security events
Got a score of 90