Which of the advanced threat protection solutions should you use to protect against an attacker may take durin
Which of the advanced threat protection solutions should you use to protect against an attacker may take during the lateral movement stage of the kill chain? (Choose two.) A. FortiClient and FortiSandbox B. FortiMail and FortiSandbox C. FortiGate and FortiSandbox D. FortiWeb and FortiSandbox
What type of threats can FortiSandbox detect on inbound traffic? (Choose two.)
When using FortiSandbox in sniffer-mode, you should configure FortiSandbox to inspect both inbound and outbound traffic. What type of threats can FortiSandbox detect on inbound traffic? (Choose two.) A. Botnet connections B. Malware C. Malicious URLs D. Intrusion attempts
Which of the following are features of network share scanning of FortiSandbox? (Choose two.)
Which of the following are features of network share scanning of FortiSandbox? (Choose two.) A. Move clean files to a separate network share. B. Replace suspicious files with a replacement message. C. Detect malicious URLs. D. Detect network attacks. Reference: https://help.fortinet.com/fsandbox/olh/2-5-1/Document/900_Scan%20Input/900_Network%20Share/100_Network%20Share.htm
Which of the kill chain stages does Fortinet’s advanced threat protection solution block? (Choose three.)
Which of the kill chain stages does Fortinet’s advanced threat protection solution block? (Choose three.) A. Command and control B. Delivery C. Reconnaissance D. Lateral movement E. Weaponization
Which of the following inspections will FortiSandbox perform on samples submitted for sandboxing? (Choose two.
Examine the System Information widget shown in the exhibit, then answer the following question: Which of the following inspections will FortiSandbox perform on samples submitted for sandboxing? (Choose two.) A. URL rating on FQDN seen in DNS requests B. IP reputation check on callback connections C. Antivirus inspection on downloaded files D. URL rating on […]
Which of the following is true regarding this scenario?
FortiGate root VDOM is authorized and configured to send suspicious files to FortiSandbox for inspection. The administrator creates a new VDOM, and then generates some traffic so that the new VDOM sends a file to FortiSandbox for the first time. Which of the following is true regarding this scenario? A. FortiSandbox will accept the file, […]
At which stage of the kill chain will an attacker use tools, such as nmap, ARIN, and banner grabbing, on the t
At which stage of the kill chain will an attacker use tools, such as nmap, ARIN, and banner grabbing, on the targeted organization’s network? A. Exploitation B. Reconnaissance C. Lateral movement D. Weaponization
Based on the logs shown, which of the following statements is correct? (Choose two.)
Examine the FortiGate antivirus logs shown in the exhibit, than answer the following question: Based on the logs shown, which of the following statements is correct? (Choose two.) A. The fsa_dropper.exe file was blocked using a local black list entry. B. The fsa_sample_1.exe file was not sent to FortiSandbox. C. The eicar.exe file was blocked […]
Downloads from emails
A. Downloads from emails B. URLs from web requests C. Command and control traffic D. Files from removable storage
Based on the configuration, which of the following statements are true? (Choose two.)
Examine the FortiSandbox Scan Profile configuration shown in the exhibit, and then answer the following question: Based on the configuration, which of the following statements are true? (Choose two.) A. PDF files will be inspected in the WIN7X86VM)16 VM. B. URLs submitted using JSON API will not be inspected. C. HTM files submitted using the […]