CertsTopics Logo

Winter Sale - Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: top65certs

Free and Premium Fortinet NSE7_OTS-7.2 Dumps Questions Answers

Page: 1 / 5
Total 69 questions
Get NSE7_OTS-7.2 Full Access Download NSE7_OTS-7.2 PDF

Fortinet NSE 7 - OT Security 7.2 Questions and Answers

Question 1

Refer to the exhibit

In the topology shown in the exhibit, both PLCs can communicate directly with each other, without going through the firewall.

Which statement about the topology is true?

Options:

A.

PLCs use IEEE802.1Q protocol to communicate each other.

B.

An administrator can create firewall policies in the switch to secure between PLCs.

C.

This integration solution expands VLAN capabilities from Layer 2 to Layer 3.

D.

There is no micro-segmentation in this topology.

Buy Now
Question 2

Refer to the exhibit and analyze the output.

Which statement about the output is true?

Options:

A.

This is a sample of a FortiAnalyzer system interface event log.

B.

This is a sample of an SNMP temperature control event log.

C.

This is a sample of a PAM event type.

D.

This is a sample of FortiGate interface statistics.

Question 3

What triggers Layer 2 polling of infrastructure devices connected in the network?

Options:

A.

A failed Layer 3 poll

B.

A matched security policy

C.

A matched profiling rule

D.

A linkup or linkdown trap

Question 4

Refer to the exhibit.

Which statement is true about application control inspection?

Options:

A.

The industrial application control inspection process is unique among application categories.

B.

Security actions cannot be applied on the lowest level of the hierarchy.

C.

You can control security actions only on the parent-level application signature

D.

The parent signature takes precedence over the child application signature.

Question 5

What is the primary objective of implementing SD-WAN in operational technology (OT) networks'?

Options:

A.

Reduce security risk and threat attacks

B.

Remove centralized network security policies

C.

Enhance network performance of OT applications

D.

Replace standard links with lower cost connections

Question 6

Refer to the exhibit.

You are creating a new operational technology (OT) rule to monitor Modbus protocol traffic on FortiSIEM

Which action must you take to ensure that all Modbus messages on the network match the rule?

Options:

A.

Add a new condition to filter Modbus traffic based on the source TCP/UDP port

B.

The condition on the SubPattern filter must use the AND logical operator

C.

the Aggregate section, set the attribute value to equal to or greater than 0

D.

In the Group By section remove all attributes that are not configured in the Filter section

Question 7

An OT network consists of multiple FortiGate devices. The edge FortiGate device is deployed as the secure gateway and is only allowing remote operators to access the ICS networks on site.

Management hires a third-party company to conduct health and safety on site. The third-party company must have outbound access to external resources.

As the OT network administrator, what is the best scenario to provide external access to the third-party company while continuing to secure the ICS networks?

Options:

A.

Configure outbound security policies with limited active authentication users of the third-party company.

B.

Create VPN tunnels between downstream FortiGate devices and the edge FortiGate to protect ICS network traffic.

C.

Split the edge FortiGate device into multiple logical devices to allocate an independent VDOM for the third-party company.

D.

Implement an additional firewall using an additional upstream link to the internet.

Question 8

in an operation technology (OT) network FortiAnalyzer is used to receive and process logs from responsible FortiGate devices

Which statement about why FortiAnalyzer is receiving and processing multiple tog messages from a given programmable logic controller (PLC) or remote terminal unit (RTU) is true'?

Options:

A.

To determine which type of messages from the PLC or RTU causes issues in the plant

B.

To isolate PLCs or RTUs in the event of external attacks

C.

To help OT administrators troubleshoot and diagnose the OT network

D.

To track external threats and prevent them attacking the OT network

Question 9

An OT administrator has configured FSSO and local firewall authentication. A user who is part of a user group is not prompted from credentials during authentication.

What is a possible reason?

Options:

A.

FortiGate determined the user by passive authentication

B.

The user was determined by Security Fabric

C.

Two-factor authentication is not configured with RADIUS authentication method

D.

FortiNAC determined the user by DHCP fingerprint method

Question 10

As an OT administrator, it is important to understand how industrial protocols work in an OT network.

Which communication method is used by the Modbus protocol?

Options:

A.

It uses OSI Layer 2 and the primary device sends data based on request from secondary device.

B.

It uses OSI Layer 2 and both the primary/secondary devices always send data during the communication.

C.

It uses OSI Layer 2 and both the primary/secondary devices send data based on a matching token ring.

D.

It uses OSI Layer 2 and the secondary device sends data based on request from primary device.

Question 11

The OT network analyst runs different level of reports to quickly explore threats that exploit the network. Such reports can be run on all routers, switches, and firewalls. Which FortiSIEM reporting method helps to identify these type of exploits of image firmware files?

Options:

A.

CMDB reports

B.

Threat hunting reports

C.

Compliance reports

D.

OT/loT reports

Question 12

Refer to the exhibit.

The IPS profile is added on all of the security policies on FortiGate.

For an OT network, which statement of the IPS profile is true?

Options:

A.

FortiGate has no IPS industrial signature database enabled.

B.

The listed IPS signatures are classified as SCADA equipment.

C.

All IPS signatures are overridden and must block traffic match signature patterns.

D.

The IPS profile inspects only traffic originating from SCADA equipment.

Question 13

An OT supervisor has configured LDAP and FSSO for the authentication. The goal is that all the users be authenticated against passive authentication first and, if passive authentication is not successful, then users should be challenged with active authentication.

What should the OT supervisor do to achieve this on FortiGate?

Options:

A.

Configure a firewall policy with LDAP users and place it on the top of list of firewall policies.

B.

Enable two-factor authentication with FSSO.

C.

Configure a firewall policy with FSSO users and place it on the top of list of firewall policies.

D.

Under config user settings configure set auth-on-demand implicit.

Question 14

An OT supervisor needs to protect their network by implementing security with an industrial signature database on the FortiGate device.

Which statement about the industrial signature database on FortiGate is true?

Options:

A.

A supervisor must purchase an industrial signature database and import it to the FortiGate.

B.

An administrator must create their own database using custom signatures.

C.

By default, the industrial database is enabled.

D.

A supervisor can enable it through the FortiGate CLI.

Question 15

An OT administrator configured and ran a default application risk and control report in FortiAnalyzer to learn more about the key application crossing the network. However, the report output is empty despite the fact that some related real-time and historical logs are visible in the FortiAnalyzer.

What are two possible reasons why the report output was empty? (Choose two.)

Options:

A.

The administrator selected the wrong logs to be indexed in FortiAnalyzer.

B.

The administrator selected the wrong time period for the report.

C.

The administrator selected the wrong devices in the Devices section.

D.

The administrator selected the wrong hcache table for the report.

Question 16

With the limit of using one firewall device, the administrator enables multi-VDOM on FortiGate to provide independent multiple security domains to each ICS network. Which statement ensures security protection is in place for all ICS networks?

Options:

A.

Each traffic VDOM must have a direct connection to FortiGuard services to receive the required security updates.

B.

The management VDOM must have access to all global security services.

C.

Each VDOM must have an independent security license.

D.

Traffic between VDOMs must pass through the physical interfaces of FortiGate to check for security incidents.

Question 17

Which statement about the IEC 104 protocol is true?

Options:

A.

IEC 104 is used for telecontrol SCADA in electrical engineering applications.

B.

IEC 104 is IEC 101 compliant in old SCADA systems.

C.

IEC 104 protects data transmission between OT devices and services.

D.

IEC 104 uses non-TCP/IP standards.

Question 18

An OT administrator is defining an incident notification policy using FortiSIEM and would like to configure the system with a notification policy. If an incident occurs, the administrator would like to be able to intervene and block an IP address or disable a user in Active Directory from FortiSIEM.

Which step must the administrator take to achieve this task?

Options:

A.

Configure a fabric connector with a notification policy on FortiSIEM to connect with FortiGate.

B.

Create a notification policy and define a script/remediation on FortiSIEM.

C.

Define a script/remediation on FortiManager and enable a notification rule on FortiSIEM.

D.

Deploy a mitigation script on Active Directory and create a notification policy on FortiSIEM.

Question 19

In a wireless network integration, how does FortiNAC obtain connecting MAC address information?

Options:

A.

RADIUS

B.

Link traps

C.

End station traffic monitoring

D.

MAC notification traps

Question 20

Which two statements are true when you deploy FortiGate as an offline IDS? (Choose two.)

Options:

A.

FortiGate receives traffic from configured port mirroring.

B.

Network traffic goes through FortiGate.

C.

FortiGate acts as network sensor.

D.

Network attacks can be detected and blocked.

Exam Detail
Vendor: Fortinet
Certification: NSE 7 Network Security Architect
Exam Code: NSE7_OTS-7.2
Exam Name: Fortinet NSE 7 - OT Security 7.2
Last Update: Nov 18, 2025
NSE7_OTS-7.2 Question Answers
Page: 1 / 5
Total 69 questions
Get NSE7_OTS-7.2 Full Access Download NSE7_OTS-7.2 PDF