CertsTopics Logo

Labour Day Special - Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: top65certs

Fortinet NSE7_OTS-7.2 Dumps

Page: 1 / 5
Total 62 questions
Get NSE7_OTS-7.2 Full Access Download NSE7_OTS-7.2 PDF

Fortinet NSE 7 - OT Security 7.2 Questions and Answers

Question 1

An OT supervisor needs to protect their network by implementing security with an industrial signature database on the FortiGate device.

Which statement about the industrial signature database on FortiGate is true?

Options:

A.

A supervisor must purchase an industrial signature database and import it to the FortiGate.

B.

An administrator must create their own database using custom signatures.

C.

By default, the industrial database is enabled.

D.

A supervisor can enable it through the FortiGate CLI.

Question 2

FortiAnalyzer is implemented in the OT network to receive logs from responsible FortiGate devices. The logs must be processed by FortiAnalyzer.

In this scenario, which statement is correct about the purpose of FortiAnalyzer receiving and processing multiple log messages from a given PLC or RTU?

Options:

A.

To isolate PLCs or RTUs in the event of external attacks

B.

To configure event handlers and take further action on FortiGate

C.

To determine which type of messages from the PLC or RTU causes issues in the plant

D.

To help OT administrators configure the network and prevent breaches

Question 3

An OT architect has deployed a Layer 2 switch in the OT network at Level 1 the Purdue model-process control. The purpose of the Layer 2 switch is to segment traffic between PLC1 and PLC2 with two VLANs. All the traffic between PLC1 and PLC2 must first flow through the Layer 2 switch and then through the FortiGate device in the Level 2 supervisory control network.

What statement about the traffic between PLC1 and PLC2 is true?

Options:

A.

The Layer 2 switch rewrites VLAN tags before sending traffic to the FortiGate device.

B.

The Layer 2 switches routes any traffic to the FortiGate device through an Ethernet link.

C.

PLC1 and PLC2 traffic must flow through the Layer-2 switch trunk link to the FortiGate device.

D.

In order to communicate, PLC1 must be in the same VLAN as PLC2.

Question 4

An OT administrator is defining an incident notification policy using FortiSIEM and would like to configure the system with a notification policy. If an incident occurs, the administrator would like to be able to intervene and block an IP address or disable a user in Active Directory from FortiSIEM.

Which step must the administrator take to achieve this task?

Options:

A.

Configure a fabric connector with a notification policy on FortiSIEM to connect with FortiGate.

B.

Create a notification policy and define a script/remediation on FortiSIEM.

C.

Define a script/remediation on FortiManager and enable a notification rule on FortiSIEM.

D.

Deploy a mitigation script on Active Directory and create a notification policy on FortiSIEM.

Question 5

Which statemenl about the IEC 104 protocol is true?

Options:

A.

IEC 104 is used for telecontrol SCADA in electrical engineering applications.

B.

IEC 104 is IEC 101 compliant in old SCADA systems.

C.

IEC 104 protects data transmission between OT devices and services.

D.

IEC 104 uses non-TCP/IP standards.

Question 6

You are investigating a series of incidents that occurred in the OT network over past 24 hours in FortiSIEM.

Which three FortiSIEM options can you use to investigate these incidents? (Choose three.)

Options:

A.

Security

B.

IPS

C.

List

D.

Risk

E.

Overview

Question 7

Refer to the exhibit.

Which statement about the interfaces shown in the exhibit is true?

Options:

A.

port2, port2-vlan10, and port2-vlan1 are part of the software switch interface.

B.

The VLAN ID of port1-vlan1 can be changed to the VLAN ID 10.

C.

port1-vlan10 and port2-vlan10 are part of the same broadcast domain

D.

port1, port1-vlan10, and port1-vlan1 are in different broadcast domains

Question 8

Which statement is correct about processing matched rogue devices by FortiNAC?

Options:

A.

FortiNAC cannot revalidate matched devices.

B.

FortiNAC remembers the match ng rule of the rogue device

C.

FortiNAC disables matching rule of previously-profiled rogue devices.

D.

FortiNAC matches the rogue device with only one device profiling rule.

Question 9

What are two critical tasks the OT network auditors must perform during OT network risk assessment and management? (Choose two.)

Options:

A.

Planning a threat hunting strategy

B.

Implementing strategies to automatically bring PLCs offline

C.

Creating disaster recovery plans to switch operations to a backup plant

D.

Evaluating what can go wrong before it happens

Question 10

Which three Fortinet products can be used for device identification in an OT industrial control system (ICS)? (Choose three.)

Options:

A.

FortiNAC

B.

FortiManager

C.

FortiAnalyzer

D.

FortiSIEM

E.

FortiGate

Question 11

An OT administrator has configured FSSO and local firewall authentication. A user who is part of a user group is not prompted from credentials during authentication.

What is a possible reason?

Options:

A.

FortiGate determined the user by passive authentication

B.

The user was determined by Security Fabric

C.

Two-factor authentication is not configured with RADIUS authentication method

D.

FortiNAC determined the user by DHCP fingerprint method

Question 12

Which two frameworks are common to secure ICS industrial processes, including SCADA and DCS? (Choose two.)

Options:

A.

Modbus

B.

NIST Cybersecurity

C.

IEC 62443

D.

IEC104

Question 13

Refer to the exhibit

In the topology shown in the exhibit, both PLCs can communicate directly with each other, without going through the firewall.

Which statement about the topology is true?

Options:

A.

PLCs use IEEE802.1Q protocol to communicate each other.

B.

An administrator can create firewall policies in the switch to secure between PLCs.

C.

This integration solution expands VLAN capabilities from Layer 2 to Layer 3.

D.

There is no micro-segmentation in this topology.

Question 14

Refer to the exhibit.

Based on the Purdue model, which three measures can be implemented in the control area zone using the Fortinet Security Fabric? (Choose three.)

Options:

A.

FortiGate for SD-WAN

B.

FortiGate for application control and IPS

C.

FortiNAC for network access control

D.

FortiSIEM for security incident and event management

E.

FortiEDR for endpoint detection

Question 15

Which three Fortinet products can you use for device identification in an OT industrial control system (ICS)? (Choose three.)

Options:

A.

FortiSIEM

B.

FortiManager

C.

FortiAnalyzer

D.

FortiGate

E.

FortiNAC

Question 16

Refer to the exhibit.

PLC-3 and CLIENT can send traffic to PLC-1 and PLC-2. FGT-2 has only one software switch (SSW-1) connecting both PLC-3 and CLIENT. PLC-3 and CLIENT cannot send traffic to each other.

Which two statements about the traffic between PCL-1 and PLC-2 are true? (Choose two.)

Options:

A.

The switch on FGT-2 must be hardware to implement micro-segmentation.

B.

Micro-segmentation on FGT-2 prevents direct device-to-device communication.

C.

Traffic must be inspected by FGT-EDGE in OT networks.

D.

FGT-2 controls intra-VLAN traffic through firewall policies.

Question 17

Refer to the exhibit.

You are assigned to implement a remote authentication server in the OT network.

Which part of the hierarchy should the authentication server be part of?

Options:

A.

Edge

B.

Cloud

C.

Core

D.

Access

Question 18

In a wireless network integration, how does FortiNAC obtain connecting MAC address information?

Options:

A.

RADIUS

B.

Link traps

C.

End station traffic monitoring

D.

MAC notification traps

Page: 1 / 5
Total 62 questions
Get NSE7_OTS-7.2 Full Access Download NSE7_OTS-7.2 PDF