CertsTopics Logo

Weekend Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Free and Premium Fortinet NSE7_OTS-7.2 Dumps Questions Answers

Page: 1 / 5
Total 69 questions
Get NSE7_OTS-7.2 Full Access Download NSE7_OTS-7.2 PDF

Fortinet NSE 7 - OT Security 7.2 Questions and Answers

Question 1

Refer to the exhibit.

Which statement about the interfaces shown in the exhibit is true?

Options:

A.

port2, port2-vlan10, and port2-vlan1 are part of the software switch interface.

B.

The VLAN ID of port1-vlan1 can be changed to the VLAN ID 10.

C.

port1-vlan10 and port2-vlan10 are part of the same broadcast domain

D.

port1, port1-vlan10, and port1-vlan1 are in different broadcast domains

Buy Now
Question 2

Refer to the exhibit.

An OT architect has implemented a Modbus TCP with a simulation server Conpot to identify and control the Modus traffic in the OT network. The FortiGate-Edge device is configured with a software switch interface ssw-01.

Based on the topology shown in the exhibit, which two statements about the successful simulation of traffic between client and server are true? (Choose two.)

Options:

A.

The FortiGate-Edge device must be in NAT mode.

B.

NAT is disabled in the FortiGate firewall policy from port3 to ssw-01.

C.

The FortiGate devices is in offline IDS mode.

D.

Port5 is not a member of the software switch.

Question 3

When device profiling rules are enabled, which devices connected on the network are evaluated by the device profiling rules?

Options:

A.

Known trusted devices, each time they change location

B.

All connected devices, each time they connect

C.

Rogue devices, only when they connect for the first time

D.

Rogue devices, each time they connect

Question 4

An OT administrator deployed many devices to secure the OT network. However, the SOC team is reporting that there are too many alerts, and that many of the alerts are false positive. The OT administrator would like to find a solution that eliminates repetitive tasks, improves efficiency, saves time, and saves resources.

Which products should the administrator deploy to address these issues and automate most of the manual tasks done by the SOC team?

Options:

A.

FortiSIEM and FortiManager

B.

FortiSandbox and FortiSIEM

C.

FortiSOAR and FortiSIEM

D.

A syslog server and FortiSIEM

Question 5

An OT supervisor needs to protect their network by implementing security with an industrial signature database on the FortiGate device.

Which statement about the industrial signature database on FortiGate is true?

Options:

A.

A supervisor must purchase an industrial signature database and import it to the FortiGate.

B.

An administrator must create their own database using custom signatures.

C.

By default, the industrial database is enabled.

D.

A supervisor can enable it through the FortiGate CLI.

Question 6

Refer to the exhibit.

You need to configure VPN user access for supervisors at the breach and HQ sites using the same soft FortiToken. Each site has a FortiGate VPN gateway.

What must you do to achieve this objective?

Options:

A.

You must use a FortiAuthenticator.

B.

You must register the same FortiToken on more than one FortiGate.

C.

You must use the user self-registration server.

D.

You must use a third-party RADIUS OTP server.

Question 7

Refer to the exhibit.

You are navigating through FortiSIEM in an OT network.

How do you view information presented in the exhibit and what does the FortiGate device security status tell you?

Options:

A.

In the PCI logging dashboard and there are one or more high-severity security incidents for the FortiGate device.

B.

In the summary dashboard and there are one or more high-severity security incidents for the FortiGate device.

C.

In the widget dashboard and there are one or more high-severity incidents for the FortiGate device.

D.

In the business service dashboard and there are one or more high-severity security incidents for the FortiGate device.

Question 8

An OT network architect needs to secure control area zones with a single network access policy to provision devices to any number of different networks.

On which device can this be accomplished?

Options:

A.

FortiGate

B.

FortiEDR

C.

FortiSwitch

D.

FortiNAC

Question 9

Refer to the exhibit.

An OT administrator ran a report to identify device inventory in an OT network.

Based on the report results, which report was run?

Options:

A.

A FortiSIEM CMDB report

B.

A FortiAnalyzer device report

C.

A FortiSIEM incident report

D.

A FortiSIEM analytics report

Question 10

Refer to the exhibit.

An operational technology rule is created and successfully activated to monitor the Modbus protocol on FortiSIEM. However, the rule does not trigger incidents despite Modbus traffic and application logs being received correctly by FortiSIEM.

Which statement correctly describes the issue on the rule configuration?

Options:

A.

The first condition on the SubPattern filter must use the OR logical operator.

B.

The attributes in the Group By section must match the ones in Fitters section.

C.

The Aggregate attribute COUNT expression is incompatible with the filters.

D.

The SubPattern is missing the filter to match the Modbus protocol.

Question 11

An OT administrator configured and ran a default application risk and control report in FortiAnalyzer to learn more about the key application crossing the network. However, the report output is empty despite the fact that some related real-time and historical logs are visible in the FortiAnalyzer.

What are two possible reasons why the report output was empty? (Choose two.)

Options:

A.

The administrator selected the wrong logs to be indexed in FortiAnalyzer.

B.

The administrator selected the wrong time period for the report.

C.

The administrator selected the wrong devices in the Devices section.

D.

The administrator selected the wrong hcache table for the report.

Question 12

Refer to the exhibit

In the topology shown in the exhibit, both PLCs can communicate directly with each other, without going through the firewall.

Which statement about the topology is true?

Options:

A.

PLCs use IEEE802.1Q protocol to communicate each other.

B.

An administrator can create firewall policies in the switch to secure between PLCs.

C.

This integration solution expands VLAN capabilities from Layer 2 to Layer 3.

D.

There is no micro-segmentation in this topology.

Question 13

You are investigating a series of incidents that occurred in the OT network over past 24 hours in FortiSIEM.

Which three FortiSIEM options can you use to investigate these incidents? (Choose three.)

Options:

A.

Security

B.

IPS

C.

List

D.

Risk

E.

Overview

Question 14

Which statement about the IEC 104 protocol is true?

Options:

A.

IEC 104 is used for telecontrol SCADA in electrical engineering applications.

B.

IEC 104 is IEC 101 compliant in old SCADA systems.

C.

IEC 104 protects data transmission between OT devices and services.

D.

IEC 104 uses non-TCP/IP standards.

Question 15

Which three criteria can a FortiGate device use to look for a matching firewall policy to process traffic? (Choose three.)

Options:

A.

Services defined in the firewall policy.

B.

Source defined as internet services in the firewall policy

C.

Lowest to highest policy ID number

D.

Destination defined as internet services in the firewall policy

E.

Highest to lowest priority defined in the firewall policy

Question 16

What are two critical tasks the OT network auditors must perform during OT network risk assessment and management? (Choose two.)

Options:

A.

Planning a threat hunting strategy

B.

Implementing strategies to automatically bring PLCs offline

C.

Creating disaster recovery plans to switch operations to a backup plant

D.

Evaluating what can go wrong before it happens

Question 17

What are two benefits of a Nozomi integration with FortiNAC? (Choose two.)

Options:

A.

Enhanced point of connection details

B.

Direct VLAN assignment

C.

Adapter consolidation for multi-adapter hosts

D.

Importation and classification of hosts

Question 18

in an operation technology (OT) network FortiAnalyzer is used to receive and process logs from responsible FortiGate devices

Which statement about why FortiAnalyzer is receiving and processing multiple tog messages from a given programmable logic controller (PLC) or remote terminal unit (RTU) is true'?

Options:

A.

To determine which type of messages from the PLC or RTU causes issues in the plant

B.

To isolate PLCs or RTUs in the event of external attacks

C.

To help OT administrators troubleshoot and diagnose the OT network

D.

To track external threats and prevent them attacking the OT network

Question 19

Which three common breach points can you find in a typical OT environment? (Choose three.)

Options:

A.

Black hat

B.

VLAN exploits

C.

Global hat

D.

RTU exploits

E.

Hard hat

Question 20

As an OT network administrator, you are managing three FortiGate devices that each protect different levels on the Purdue model. To increase traffic visibility, you are required to implement additional security measures to detect exploits that affect PLCs.

Which security sensor must implement to detect these types of industrial exploits?

Options:

A.

Intrusion prevention system (IPS)

B.

Deep packet inspection (DPI)

C.

Antivirus inspection

D.

Application control

Exam Detail
Vendor: Fortinet
Certification: Fortinet Certification
Exam Code: NSE7_OTS-7.2
Exam Name: Fortinet NSE 7 - OT Security 7.2
Last Update: Jun 15, 2025
NSE7_OTS-7.2 Question Answers
Page: 1 / 5
Total 69 questions
Get NSE7_OTS-7.2 Full Access Download NSE7_OTS-7.2 PDF