Winter Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: geek65

NSE7_OTS-7.2 Fortinet NSE 7 - OT Security 7.2 Questions and Answers

Questions 4

What are two critical tasks the OT network auditors must perform during OT network risk assessment and management? (Choose two.)

Options:

A.

Planning a threat hunting strategy

B.

Implementing strategies to automatically bring PLCs offline

C.

Creating disaster recovery plans to switch operations to a backup plant

D.

Evaluating what can go wrong before it happens

Buy Now
Questions 5

An administrator wants to use FortiSoC and SOAR features on a FortiAnalyzer device to detect and block any unauthorized access to FortiGate devices in an OT network.

Which two statements about FortiSoC and SOAR features on FortiAnalyzer are true? (Choose two.)

Options:

A.

You must set correct operator in event handler to trigger an event.

B.

You can automate SOC tasks through playbooks.

C.

Each playbook can include multiple triggers.

D.

You cannot use Windows and Linux hosts security events with FortiSoC.

Buy Now
Questions 6

A FortiGate device is newly deployed as the edge gateway of an OT network security fabric. The downstream FortiGate devices are also newly deployed as Security Fabric leafs to protect the control area zone.

With no additional essential networking devices, and to implement micro-segmentation on this OT network, what configuration must the OT network architect apply to control intra-VLAN traffic?

Options:

A.

Enable transparent mode on the edge FortiGate device.

B.

Enable security profiles on all interfaces connected in the control area zone.

C.

Set up VPN tunnels between downstream and edge FortiGate devices.

D.

Create a software switch on each downstream FortiGate device.

Buy Now
Questions 7

An OT network administrator is trying to implement active authentication.

Which two methods should the administrator use to achieve this? (Choose two.)

Options:

A.

Two-factor authentication on FortiAuthenticator

B.

Role-based authentication on FortiNAC

C.

FSSO authentication on FortiGate

D.

Local authentication on FortiGate

Buy Now
Questions 8

Refer to the exhibit.

An operational technology rule is created and successfully activated to monitor the Modbus protocol on FortiSIEM. However, the rule does not trigger incidents despite Modbus traffic and application logs being received correctly by FortiSIEM.

Which statement correctly describes the issue on the rule configuration?

Options:

A.

The first condition on the SubPattern filter must use the OR logical operator.

B.

The attributes in the Group By section must match the ones in Fitters section.

C.

The Aggregate attribute COUNT expression is incompatible with the filters.

D.

The SubPattern is missing the filter to match the Modbus protocol.

Buy Now
Questions 9

Refer to the exhibit.

In order for a FortiGate device to act as router on a stick, what configuration must an OT network architect implement on FortiGate to achieve inter-VLAN routing?

Options:

A.

Set a unique forward domain on each interface on the network.

B.

Set FortiGate to operate in transparent mode.

C.

Set a software switch on FortiGate to handle inter-VLAN traffic.

D.

Set a FortiGate interface with the switch to operate as an 802.1 q trunk.

Buy Now
Questions 10

Refer to the exhibit.

You are navigating through FortiSIEM in an OT network.

How do you view information presented in the exhibit and what does the FortiGate device security status tell you?

Options:

A.

In the PCI logging dashboard and there are one or more high-severity security incidents for the FortiGate device.

B.

In the summary dashboard and there are one or more high-severity security incidents for the FortiGate device.

C.

In the widget dashboard and there are one or more high-severity incidents for the FortiGate device.

D.

In the business service dashboard and there are one or more high-severity security incidents for the FortiGate device.

Buy Now
Questions 11

Which two statements about the Modbus protocol are true? (Choose two.)

Options:

A.

Modbus uses UDP frames to transport MBAP and function codes.

B.

Most of the PLC brands come with a built-in Modbus module.

C.

You can implement Modbus networking settings on internetworking devices.

D.

Modbus is used to establish communication between intelligent devices.

Buy Now
Questions 12

What triggers Layer 2 polling of infrastructure devices connected in the network?

Options:

A.

A failed Layer 3 poll

B.

A matched security policy

C.

A matched profiling rule

D.

A linkup or linkdown trap

Buy Now
Questions 13

Refer to the exhibit.

An OT administrator ran a report to identify device inventory in an OT network.

Based on the report results, which report was run?

Options:

A.

A FortiSIEM CMDB report

B.

A FortiAnalyzer device report

C.

A FortiSIEM incident report

D.

A FortiSIEM analytics report

Buy Now
Questions 14

An OT administrator has configured FSSO and local firewall authentication. A user who is part of a user group is not prompted from credentials during authentication.

What is a possible reason?

Options:

A.

FortiGate determined the user by passive authentication

B.

The user was determined by Security Fabric

C.

Two-factor authentication is not configured with RADIUS authentication method

D.

FortiNAC determined the user by DHCP fingerprint method

Buy Now
Questions 15

Refer to the exhibit and analyze the output.

Which statement about the output is true?

Options:

A.

This is a sample of a FortiAnalyzer system interface event log.

B.

This is a sample of an SNMP temperature control event log.

C.

This is a sample of a PAM event type.

D.

This is a sample of FortiGate interface statistics.

Buy Now
Questions 16

Refer to the exhibit.

The IPS profile is added on all of the security policies on FortiGate.

For an OT network, which statement of the IPS profile is true?

Options:

A.

FortiGate has no IPS industrial signature database enabled.

B.

The listed IPS signatures are classified as SCADAapphcat nns

C.

All IPS signatures are overridden and must block traffic match signature patterns.

D.

The IPS profile inspects only traffic originating from SCADA equipment.

Buy Now
Questions 17

Refer to the exhibit.

You need to configure VPN user access for supervisors at the breach and HQ sites using the same soft FortiToken. Each site has a FortiGate VPN gateway.

What must you do to achieve this objective?

Options:

A.

You must use a FortiAuthenticator.

B.

You must register the same FortiToken on more than one FortiGate.

C.

You must use the user self-registration server.

D.

You must use a third-party RADIUS OTP server.

Buy Now
Questions 18

Refer to the exhibit

In the topology shown in the exhibit, both PLCs can communicate directly with each other, without going through the firewall.

Which statement about the topology is true?

Options:

A.

PLCs use IEEE802.1Q protocol to communicate each other.

B.

An administrator can create firewall policies in the switch to secure between PLCs.

C.

This integration solution expands VLAN capabilities from Layer 2 to Layer 3.

D.

There is no micro-segmentation in this topology.

Buy Now
Exam Code: NSE7_OTS-7.2
Exam Name: Fortinet NSE 7 - OT Security 7.2
Last Update: Nov 21, 2024
Questions: 62
NSE7_OTS-7.2 pdf

NSE7_OTS-7.2 PDF

$28  $80
 Add to Cart
NSE7_OTS-7.2 Engine

NSE7_OTS-7.2 Testing Engine

$33.25  $95
 Add to Cart
NSE7_OTS-7.2 PDF + Engine

NSE7_OTS-7.2 PDF + Testing Engine

$45.5  $130
 Add to Cart